ietf-smime
[Top] [All Lists]

Re: Certificate request format (was RE: S/MIME V3 Msg Spec Comments)

1997-11-07 12:16:07
Blake Ramsdell wrote:

On Thursday, November 06, 1997 12:05 PM, 
dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil
[SMTP:dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil] wrote:
Given that this document describes the IETF version of S/MIME, I
think
*also* is the wrong word.  The S/MIME v3 spec should define how to
create
certification requests using the IETF Certificate Management
Protocol,
period.  PKCS #10-format requests are included as an option within
CMP.

I agree -- since the alliance is expressly towards PKIX, then we
should
do this.

If we just define the use of p10cr for the purpose of requesting a
certificate, would that be adequate for Diffie-Hellman and friends?
Are
there any other ways of requesting that are useful to S/MIME that
aren't
achievable using PKCS #10 in CMP?

Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103  Fax +1 425 882 8060

Since there are a number of mechanisms in use today that allow PKCS-10
submitted over other certificate management protocol schemes (e.g. ones
using
HTTP and HTML forms).  I think there is value in separating these and
including both, as well as in indicating the acceptability of e-mail and
other submission schemes incorporating PKCS-10 but not necessarily
PKIX CMP.

I also think that the level of support for PKIX CMP is not adequate
to merit its specification as the sole means of certification request
in the S/MIME v3 timeframe.

--a.

-- 
Anil R. Gangolli
Structured Arts Consulting Group
mailto:gangolli(_at_)StructuredArts(_dot_)com
http://www.StructuredArts.com

<Prev in Thread] Current Thread [Next in Thread>