Re: [Uri-review] PKCS#11 URI registration request review
Darren J Moffat <Darren.Moffat@Oracle.COM> Tue, 12 February 2013 10:12 UTC
Return-Path: <Darren.Moffat@Oracle.COM>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BD9021F8C31 for <uri-review@ietfa.amsl.com>; Tue, 12 Feb 2013 02:12:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.399
X-Spam-Level:
X-Spam-Status: No, score=-5.399 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_102=0.6, J_CHICKENPOX_93=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A3rQxvVHuVMs for <uri-review@ietfa.amsl.com>; Tue, 12 Feb 2013 02:12:15 -0800 (PST)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id 440D921F8C1E for <uri-review@ietf.org>; Tue, 12 Feb 2013 02:12:15 -0800 (PST)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r1CACDTe024520 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 12 Feb 2013 10:12:14 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r1CACCYC018548 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 12 Feb 2013 10:12:13 GMT
Received: from abhmt110.oracle.com (abhmt110.oracle.com [141.146.116.62]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r1CACCfV032550; Tue, 12 Feb 2013 04:12:12 -0600
Received: from [10.163.198.80] (/10.163.198.80) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 12 Feb 2013 02:12:12 -0800
Message-ID: <511A157B.2010601@Oracle.COM>
Date: Tue, 12 Feb 2013 10:12:11 +0000
From: Darren J Moffat <Darren.Moffat@Oracle.COM>
Organization: Oracle Solaris Security
User-Agent: Mozilla/5.0 (X11; SunOS i86pc; rv:10.0.11) Gecko/20121204 Thunderbird/10.0.11
MIME-Version: 1.0
To: Larry Masinter <masinter@adobe.com>
References: <alpine.GSO.2.00.1301261430001.28908@rejewski> <alpine.GSO.2.00.1302081722560.7401@rejewski> <C68CB012D9182D408CED7B884F441D4D1E403191B4@nambxv01a.corp.adobe.com>
In-Reply-To: <C68CB012D9182D408CED7B884F441D4D1E403191B4@nambxv01a.corp.adobe.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
X-Mailman-Approved-At: Tue, 12 Feb 2013 08:13:29 -0800
Cc: "uri-review@ietf.org" <uri-review@ietf.org>, Jan Pechanec <jan.pechanec@Oracle.COM>
Subject: Re: [Uri-review] PKCS#11 URI registration request review
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uri-review>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Feb 2013 10:12:16 -0000
On 02/11/13 23:07, Larry Masinter wrote: > It's completely unclear to me what advantage you get from having this stuff packed into a URI rather than some XML/JSON data structure, which would more easily address the I18N and other issues. > It seems like the applicability of this "scheme" is to fit into a "URI" slot in some protocol that doesn't need to be a URI but just some other kind of Identifier. A URI is easily specified in a configuration file or a configuration property of something else. We already use the PKCS#11 URI syntax in Solaris in a number of places. Our PKCS#11 OpenSSL ENGINE uses it for locating RSA/DSA priviate keys in PKCS#11 tokens. You can use a PKCS#11 URI as the location of a wrapping key in a ZFS dataset property. XML/JSON would be highly in appropriate there. eg: # zfs create -o encryption=on \ -o keysource=raw,pkcs11:token=KMS;object=MyKey Admins aren't going to hand craft XML/JSON in either of these cases. > I'm willing to believe there's a justification and that the document just doesn't give it. > > > >> -----Original Message----- >> From: uri-review-bounces@ietf.org [mailto:uri-review-bounces@ietf.org] On >> Behalf Of Jan Pechanec >> Sent: Friday, February 08, 2013 5:29 PM >> To: uri-review@ietf.org >> Cc: Darren.Moffat@oracle.com >> Subject: Re: [Uri-review] PKCS#11 URI registration request review >> >> On Sat, 26 Jan 2013, Jan Pechanec wrote: >> >> hi, the section 5.2 of RFC 4395 notes "Allow a reasonable time >> for discussion and comments. Four weeks is reasonable for a permanent >> registration requests." >> >> I will wait for two more weeks if there is any feedback (which >> would be greatly appreciated) to make it 4 weeks in total, and if there >> is none I will continue with the next step, which is the submission to >> iana@iana.org. >> >> regards, Jan. >> >>> hello, >>> >>> in accordance with section "5.2. Registration Procedures" of RFC >>> 4395 "Guidelines and Registration Procedures for New URI Schemes", I >>> respectfully request a review for our planned permanent registration >>> request of the PKCS#11 URI as specified in the following I-D: >>> >>> http://tools.ietf.org/html/draft-pechanec-pkcs11uri-08 >>> >>> the registration template is attached. >>> >>> best regards, Jan Pechanec >>> >>> >> >> -- >> Jan Pechanec >> http://blogs.oracle.com/janp >> _______________________________________________ >> Uri-review mailing list >> Uri-review@ietf.org >> https://www.ietf.org/mailman/listinfo/uri-review -- Darren J Moffat
- Re: [Uri-review] PKCS#11 URI registration request… Ted Hardie
- [Uri-review] PKCS#11 URI registration request rev… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Ted Hardie
- Re: [Uri-review] PKCS#11 URI registration request… Larry Masinter
- Re: [Uri-review] PKCS#11 URI registration request… Darren J Moffat
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Larry Masinter
- Re: [Uri-review] PKCS#11 URI registration request… Ted Hardie
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Larry Masinter
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec
- Re: [Uri-review] PKCS#11 URI registration request… Jan Pechanec