The PEM WG will be meeting in Amsterdam. I expect we will begin with
brief status reports on TIS-PEM, and at least two (free) Mac PEM
implementations that are becoming available, plus two Eurpoean PEM
implementations that have been demonstrated since the last IETF.
At this meeting I would like to come to resolution on the PEM-MIME
integration topic, and I think that should be our first order of
business. There has been little or no traffic on this topic for a
while, but I am not sure if that indicates that the WG has reached
concensus, boredom has set in, or we are all suffering from a long
duration version of attention span deficit disorder ;-). I am asking
Ned Freed and Greg Voudreuil to ensure that the currently posted I-D
on this topic represents a version that incorporates all of the
comments they have received (and were willing to incorporate). I am
asking John Linn, Jeff Schiller and Ted T'so to review this version to
ensuer that they feel it adequately addresses their concerns about
minimizing the impact on existing 1421-compliant implementations. Of
course, everyone else is encouraged to participate in reviewing this
I-D, but I am requesting this effort from some of the most active and
vocal participants in hopes of arriving in Amsterdam with a concensus.
As a second order of business, I note that Steve Crocker raised issues
about the form of names in certificates and the structure of the
certification system at the last meeting, but his presentation was
oral, so we do not yet have any written proposals to discuss. I
encourage Steve to prepare specific, written proposals addressing both
topics (enumerating the motivations for each, describing the precise
changes to be made to the RFCs, etc.). We can continue the discussion
without written documentation, but I believe it would be easier for
folks to follow if we had well-written, specific proposals in hand.
Since we have a relatively short time before the meeting, I suggest
distribution via this list, with a followup via the I-D path after the
meeting. I will try to prepare documentation providing further rationale
for the current approaches.
Addtional Topics (time permitting):
I would like to discuss options for storage of certificates in the DNS
(keeping DNs in the certificates but using DNS names as indices).
There has been considerable discussion on the list about adding some
form of triple-DES as a data encryption algorithm option for PEM, and
this topic can be pursued if there are proponents available to discuss
the merits of various techniques.
Other topics suggested by attendees, either in advance (announced on
this list) or on site.
Thanks,
Steve