There seemed to be strong consensus that we should take out the wording in the
current -msg and -cert drafts about how to do certificate registration.
Here is
my take on what needs to change in the two documents to do this. Please look
this over, and if you're one of the "careful" types, see if there is anything
else in either document that needs to be removed or changed.
As I said earlier, I think we need to address the issue, but only briefly. I
chose to do it in the -msg document (see the section 3.7 change below), but am
happy to put it in -cert instead. It seemed better in -msg because that's
where
we are talking about the format for other actions.
--Paul Hoffman, Director
--Internet Mail Consortium
*****msg-01*****
In 1.1, remove the sentence:
This draft also defines how to create certification requests that
conform to PKCS #10 [PKCS-10], and the application/pkcs10 MIME type
for transporting those requests.
In 1.1, further down, remove:
- "PKCS #10: Certification Request Syntax", [PKCS-10].
In 3.2.1, remove:
application/pkcs10 .p10
In 3.7, remove the entire section and its subsections, and replace it with:
3.7 Registration Requests
A sending agent that signs messages MUST have a certificate for the
signature so that a receiving agent can verify the signature. There are
many ways of getting certificates, such as through an exchange with a
certificate authority, through a hardware token or diskette, and so on.
S/MIME v2 [SMIMEV2] specified a method for "registering" public keys
with certificate authorities using an application/pkcs10 body part. The
IETF's PKIX Working Group is preparing another method for requesting
certificates; however, that work was not finished at the time of this
draft. S/MIME v3 does not specify how to request a certificate, but
instead mandates that every sending agent already has a certificate.
In 3.8, remove:
MIME type: application/pkcs10
parameters: any
file suffix: any
and in the last entry (MIME type: application/octet-stream), remove p10.
In B, remove:
[PKCS-10] "PKCS #10: Certification Request Syntax", Internet Draft
draft-hoffman-pkcs-certif-req
In E.3, remove the entire section (we may be removing all of E, depending
on what I hear from IANA).
*****cert-01*****
In 1, remove:
- ''PKCS #10: Certification Request Syntax'', [PKCS-10].
In 5, remove the entire section and its subsections (ga-chunk!). Renumber
section 6 to 5.
In A.6, remove the entire section.
In references, remove:
[PKCS-10], "PKCS #10: Certification Request Syntax", draft has been
submitted for RFC status