Re: [Trans] Precertificate format

Melinda Shore <melinda.shore@gmail.com> Thu, 16 October 2014 22:41 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/trans/mpiikTW8uvakFoTQ1KaCfSB0k_I
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>

On 10/16/14 7:09 AM, Ben Laurie wrote:
> We (the 6962-bis editors) would like to propose that we replace the
> existing precertificate formats with a TBSCertificate wrapped in PKCS#7.
> This lays to rest, we think, any possible confusion with X509v3 certs,
> whilst allowing a simple mapping between the final cert and the pre-cert.
> 
> Obviously there are details to be nailed down, but before we do so, we'd
> like to hear any discussion on the general idea.

Please give this some attention - we've been trying to come to
agreement on precertificate format since the working group was
chartered, and it will be a glorious day indeed when we can close
the ticket.

Melinda