pem-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Chance to fix X.509

1993-08-13 06:38:00
from [Mike Roe] [Permanent Link] 

The followung ISO document arrived on my desk this morning:

****************************************************************

ISO/IEC JTC 1/SC 21 N 7940
Date: June 1993
ISO/IEC JTC 1/SC 21
Open Systems Interconnection, Data Management and Open Distributed Processing
Secretariat: U.S.A (ANSI)

TITLE: Request for Contributions on Extensions to ITU-TS Recommendation X.509
       ISO/IEC 9594-8 Certificate Definitions

SOURCE: ISO/IEC JTC 1/SC 21/WG 4 Meeting, Yokohama, June 1993

PROJECT: 21.29

STATUS: output document for study and comment

REQUIRED ACTION: As per SC 21/WG Yokohama resolution 3.3, this document is
 circulated to SC 21 National Bodies and Liaison Organizations for study and
 comment. Contributions submitted on this document should reach the SC 21/WG 4
 Secretariat no later than 23 May 1993.

DISTRIBUTION: P and L Members
              Mr. P. D. Bartoli, Chairman JTC 1/21
              Mr. K. Morino, Convenor JTC 1/21/4
              Ms R. Mori, Sec JTC 1/21/4

A NP has been established for extending the definition of the security
certificates defined in ITU-TS Recommendation X.509 | ISO/IEC 9594-8. It is
expected that these extensions will provide:

* better support for non-repudiation requirements

* the ability for certificates to hold multiple algorithms and keys. For
  example, the algorithm identified for confidentiality may be weaker than
  that identified for integrity or authentication.

* more flexibility is extending certificate by providing extensibility
  mechanisms to allow the addition of both standardized and proprietary
  extensions to certificate definitions. This mechanism would allow a user
  of a certificate to ignore unknown information in the certificte if
  permitted by policy.

National bodies and liaison organizations are asked to provide contributions
into the next Directory meeting in January/February of 1994.

***************************************************************************
(end of ISO document)

The list of defects in X.509 is extremely well-known to most standards bodies
(after all, the same list of defects has been repeatedly raised every year for
the last five years....) However, to make sure none of the smaller defects get
forgotten, and to increase the chance of something getting done this time
round, now would be a good time for interested parties to contact their
national representative and make their views known.


In the UK, to table a document for discussion by IST 21/-/1/1 (the security
panel of IST 21/1), you can send it to me:

Michael Roe
University of Cambridge Computer Laboratory
New Museums Site
Pembroke Street
Cambridge
UK

Email: mrr(_at_)cl(_dot_)cam(_dot_)ac(_dot_)uk
Fax: +44 223 334678

Mike
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Chance to fix X.509, Mike Roe <=
Previous by Date:  Re: PEM-MIME (or is it MIME-PEM?), Steve Kent
Next by Date:  Disclaimer field in X.509, jueneman%wotan
Previous by Thread:  Re: PEM-MIME (or is it MIME-PEM?), p . churchyard
Next by Thread:  Disclaimer field in X.509, jueneman%wotan
Indexes:  [Date] [Thread] [Top] [All Lists]