On Tue, Feb 07, 2006 at 08:06:10PM -0800, Hallam-Baker, Phillip allegedly wrote:
Might make sense in a policy record,
You mean as a domain-level root for per-user keys? An interesting
thought.
The other issue with many of these "alternative" key storage specs is
that they just store keys. Adding all the Selector goop into these
would be a bit of a convolution and possibly an unwelcome one by the
original authors.
and might be more complex to manage. The argument might be made that it
would be easier to manage for end user keys
That would be my thinking. Assuming I was thinking at all...
but we are not there yet.
Quite. The poor old chairs are having enough trouble getting focus on
the threats document. Yet alone to two or three other docs that need
to be complete before per-user can even sensibly discussed.
Mark.
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of
william(at)elan.net
Sent: Tuesday, February 07, 2006 8:41 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] RFC 4387 on Internet X.509 Public Key
Infrastructure Operational Protocols: Certificate Store
Access via HTTP (fwd)
Obviously per your limited charter you'd consider this OT,
but still FYI.
---------- Forwarded message ----------
Date: Tue, 7 Feb 2006 17:25:38 -0800
From: rfc-editor(_at_)rfc-editor(_dot_)org
To: ietf-announce(_at_)ietf(_dot_)org, rfc-dist(_at_)rfc-editor(_dot_)org
Cc: ietf-pkix(_at_)imc(_dot_)org, rfc-editor(_at_)rfc-editor(_dot_)org
Subject: RFC 4387 on Internet X.509 Public Key Infrastructure
Operational
Protocols: Certificate Store Access via HTTP
A new Request for Comments is now available in online RFC libraries.
RFC 4387
Title: Internet X.509 Public Key Infrastructure
Operational Protocols: Certificate Store
Access via
HTTP
Author: P. Gutmann, Ed.
Status: Standards Track
Date: February 2006
Mailbox: pgut001(_at_)cs(_dot_)auckland(_dot_)ac(_dot_)nz
Pages: 25
Characters: 63182
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-ietf-pkix-certstore-http-09.txt
URL: http://www.rfc-editor.org/rfc/rfc4387.txt
The protocol conventions described in this document satisfy
some of the operational requirements of the Internet Public
Key Infrastructure (PKI).
This document specifies the conventions for using the
Hypertext Transfer Protocol (HTTP/HTTPS) as an interface
mechanism to obtain certificates and certificate revocation
lists (CRLs) from PKI repositories. Additional mechanisms
addressing PKIX operational requirements are specified in
separate documents. [STANDARDS TRACK]
This document is a product of the Public-Key Infrastructure
(X.509) Working Group of the IETF.
This is now a Proposed Standard Protocol.
STANDARDS TRACK: This document specifies an Internet
standards track protocol for the Internet community,and
requests discussion and suggestions for improvements.Please
refer to the current edition of the Internet Official
Protocol Standards (STD 1) for the standardization state and
status of this protocol. Distribution of this memo is unlimited.
This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution
list should be sent to IETF-REQUEST(_at_)IETF(_dot_)ORG(_dot_) Requests to
be
added to or deleted from the RFC-DIST distribution list
should be sent to RFC-DIST-REQUEST(_at_)RFC-EDITOR(_dot_)ORG(_dot_)
Details on obtaining RFCs via FTP or EMAIL may be obtained by
sending an EMAIL message to rfc-info(_at_)RFC-EDITOR(_dot_)ORG with the
message body
help: ways_to_get_rfcs. For example:
To: rfc-info(_at_)RFC-EDITOR(_dot_)ORG
Subject: getting rfcs
help: ways_to_get_rfcs
Requests for special distribution should be addressed to
either the author of the RFC in question, or to
RFC-Manager(_at_)RFC-EDITOR(_dot_)ORG(_dot_) Unless specifically noted
otherwise on the RFC itself, all RFCs are for unlimited distribution.
Submissions for Requests for Comments should be sent to
RFC-EDITOR(_at_)RFC-EDITOR(_dot_)ORG(_dot_) Please consult RFC 2223,
Instructions to RFC Authors, for further information.
Joyce K. Reynolds and Sandy Ginoza
USC/Information Sciences Institute
...
--22b50466d5aa20ab9f92be34617c09da
A new Request for Comments is now available in online RFC libraries.
RFC 4387
Title: Internet X.509 Public Key Infrastructure
Operational Protocols: Certificate Store
Access via
HTTP
Author: P. Gutmann, Ed.
Status: Standards Track
Date: February 2006
Mailbox: pgut001(_at_)cs(_dot_)auckland(_dot_)ac(_dot_)nz
Pages: 25
Characters: 63182
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-ietf-pkix-certstore-http-09.txt
URL: http://www.rfc-editor.org/rfc/rfc4387.txt
The protocol conventions described in this document satisfy
some of the operational requirements of the Internet Public
Key Infrastructure (PKI).
This document specifies the conventions for using the
Hypertext Transfer Protocol (HTTP/HTTPS) as an interface
mechanism to obtain certificates and certificate revocation
lists (CRLs) from PKI repositories. Additional mechanisms
addressing PKIX operational requirements are specified in
separate documents. [STANDARDS TRACK]
This document is a product of the Public-Key Infrastructure
(X.509) Working Group of the IETF.
This is now a Proposed Standard Protocol.
STANDARDS TRACK: This document specifies an Internet
standards track protocol for the Internet community,and
requests discussion and suggestions for improvements.Please
refer to the current edition of the Internet Official
Protocol Standards (STD 1) for the standardization state and
status of this protocol. Distribution of this memo is unlimited.
This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution
list should be sent to IETF-REQUEST(_at_)IETF(_dot_)ORG(_dot_) Requests to
be
added to or deleted from the RFC-DIST distribution list
should be sent to RFC-DIST-REQUEST(_at_)RFC-EDITOR(_dot_)ORG(_dot_)
Details on obtaining RFCs via FTP or EMAIL may be obtained by
sending an EMAIL message to rfc-info(_at_)RFC-EDITOR(_dot_)ORG with the
message body
help: ways_to_get_rfcs. For example:
To: rfc-info(_at_)RFC-EDITOR(_dot_)ORG
Subject: getting rfcs
help: ways_to_get_rfcs
Requests for special distribution should be addressed to
either the author of the RFC in question, or to
RFC-Manager(_at_)RFC-EDITOR(_dot_)ORG(_dot_) Unless specifically noted
otherwise on the RFC itself, all RFCs are for unlimited distribution.
Submissions for Requests for Comments should be sent to
RFC-EDITOR(_at_)RFC-EDITOR(_dot_)ORG(_dot_) Please consult RFC 2223,
Instructions to RFC Authors, for further information.
Joyce K. Reynolds and Sandy Ginoza
USC/Information Sciences Institute
...
_______________________________________________
IETF-Announce mailing list
IETF-Announce(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf-announce
_______________________________________________
NOTE WELL: This list operates according to
<http://dkim.org/ietf-list-rules.html>
_______________________________________________
NOTE WELL: This list operates according to
<http://dkim.org/ietf-list-rules.html>
_______________________________________________
NOTE WELL: This list operates according to
<http://dkim.org/ietf-list-rules.html>