
Re: Last Call: <draft-ietf-pkix-est-07.txt> (Enrollment over Secure Transport) to Proposed Standard

2013-06-11 18:13:46
On 6/11/13 4:30 AM, SM wrote:
At 07:45 10-06-2013, The IESG wrote:
The IESG has received a request from the Public-Key Infrastructure
(X.509) WG (pkix) to consider the following document:
- 'Enrollment over Secure Transport'
  <draft-ietf-pkix-est-07.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2013-06-24. Exceptionally, comments may be

There weren't any comments during the WGLC of draft-ietf-pkix-est-06.
The AD review of draft-ietf-pkix-est-06 was posted to the mailing list
and the only comments after that were "this version address my concerns".

PKIX is closing down; this is the final draft. Has the wg lost a bit of its furor? Yes. Mostly, the way things have worked in the recent past is that either people are for something and have some nice conversations about this or that improvement and wglc is quiet, or people think the world is ending by publishing a draft and they object during authoring, wglc, and ietf lc. This one falls into the earlier bucket.

I read the document.  It is about the use of an obsolete Proposed
Standard or later versions of that specification.

This bit I don't agree with. PKCS#10 is the way most PKI enrollments occur. RFC 2986, which is where PKCS#10 is documented, is updated by RFC 5967 because the draft that contained the media-type registration was obsoleted.

This draft is a nod to the fact that PKCS#10 is the way it's done and it's done via the web (not email) with TLS as the secure transport (not S/MIME/CMS). The kicker here is that it's actually been implemented and not just by the authors.

As for the TLS version, well, I'm hoping 1.1 will be overtaken by events in short order, but that compromise has been worked out and documented in a number of drafts.

The comments from
three individuals who happen to be Area Directors create a conundrum;
should I give more weight to them or to a content-free comment?  I do
not support the publication of this document as a Proposed Standard as
it is doubtful that it has the consensus of the working group.

There has been discussion about this draft on the list, albeit not much. Definitely discussions at the meetings where it's been an agenda topic at IETF 82, 83, 85, and 86.

spt

