ietf-smime
[Top] [All Lists]

Re: Certificate request format (was RE: S/MIME V3 Msg Spec Comments)

1997-11-07 13:00:27
From: "Anil R. Gangolli" <gangolli(_at_)StructuredArts(_dot_)com>

Since there are a number of mechanisms in use today that allow PKCS-10
submitted over other certificate management protocol schemes (e.g. ones
using
HTTP and HTML forms).  I think there is value in separating these and
including both, as well as in indicating the acceptability of e-mail and
other submission schemes incorporating PKCS-10 but not necessarily
PKIX CMP.

I also think that the level of support for PKIX CMP is not adequate
to merit its specification as the sole means of certification request
in the S/MIME v3 timeframe.


Anil,

You are, as usual, correct.  S/MIME may specify the optional use of any
number of certificate management request message formats and transport
mechanisms, including various combinations of PKCS-7, PKCS-10, HTML,
HTTP, SMTP, FTP, etc.

But IMO, IETF S/MIME should specify a single certificate management
message format as a MUST-implement, and that should be the syntax
specified by PKIX CMP.  Implementors are always free to include
additional functionality over and above that required by the spec.
I expect most vendors will offer both S/MIME v2 and legacy PKCS-10
support even if S/MIME v3 does not require them.


<Prev in Thread] Current Thread [Next in Thread>
  • Re: Certificate request format (was RE: S/MIME V3 Msg Spec Comments), David P. Kemp <=