pem-dev

Re[2]: X.509 v3 support

1995-01-24 12:29:00

Ned,

There seems to be an attempt to table any discussion of X.509v3 based on this
being a new work item for the group:

Adding new work items partway through is frowned upon, and is usually only
allowed when it is clear that something important was missed -- something so
important that it may adversely impact the implementation and use of the work
the group has done. (MIME clearly falls into this category, although I now wish
that a new group had been started.)

New work items, and this is clearly a new item that goes beyond the
charter, are usually handled by starting a new group.

Working groups are not generally expected to last more than a year. According
to this simple yardstick this group's demise is long overdue.

<<stuff removed

These are not my rules -- I'm just stating what I understand the general
policies to be.

              Ned

The PEM charter places a strong emphasis on the use of X.509.  The X.509v3 work
is in the scope of this working group.

<from PEM charter
The standard form adopted by PEM is largely a profile of the CCITT X.509
(Directory Authentication Framework) recommendation.

I do agree that it may be premature to provide any recommendations for X.509v3
usage.

It is interesting to compare the features of the PEM-MIME specification to the 
goals of the charter.  The charter specifically says that:

PEM may be employed with either symmetric or
asymmetric cryptographic key distribution mechanisms.

Should the PEM-MIME specification add support for asymmetric cryptography to be
compliant with the charter of PEM?

I also see no mandate to move away from X.509 certificates in the charter of 
the group.



Paul







Privacy-Enhanced Electronic Mail (pem)
--------------------------------------
 
 Charter 
 
 Current status: active working group
 
 Chair(s):
     Stephen Kent <kent(_at_)bbn(_dot_)com>
 
 Security Area Director(s): 
     Jeffrey Schiller  <jis(_at_)mit(_dot_)edu>
 
 Mailing lists: 
     General Discussion:pem-dev(_at_)tis(_dot_)com
     To Subscribe:      pem-dev-request(_at_)tis(_dot_)com
     Archive:           pem-dev-request(_at_)tis(_dot_)com
 
Description of Working Group:
 
PEM is the outgrowth of work by the Privacy and Security
Research Group (PSRG) of the IRTF.  At the heart of PEM is a set of
procedures for transforming RFC 822 messages in such a fashion as to
provide integrity, data origin authenticity, and, optionally,
confidentiality.  PEM may be employed with either symmetric or
asymmetric cryptographic key distribution mechanisms.  Because the
asymmetric (public-key) mechanisms are better suited to the large
scale, heterogeneously administered environment characteristic of the
Internet, to date only those mechanisms have been standardized.  The
standard form adopted by PEM is largely a profile of the CCITT X.509
(Directory Authentication Framework) recommendation.

PEM is defined by a series of documents.  The first in the
series defines the message processing procedures.  The second defines
the public-key certification system adopted for use with PEM.
The third provides definitions and identifiers for various
algorithms used by PEM.  The fourth defines message formats and conventions for
user registration, Certificate Revocation List (CRL) distribution,
etc.  (The first three of these were previously issued as RFCs 1113,
1114 and 1115.  All documents have been revised and are being issued
first as Internet-Drafts.)

 
 Goals and Milestones: 
 
     Done Submit first, third, and fourth documents as Internet-Drafts.        

  Ongoing Revise Proposed Standards and submit to IESG for consideration as a 
          Draft Standard, and repeat for consideration as an Internet Standard.

     Done Submit second document as an Internet-Draft.                         

     Done First IETF working group meeting to review Internet-Drafts.          

     Done Submit revised Internet-Drafts based on comments received during 
          working group meeting, from pem-dev mailing list, etc.               

     Done Submit Internet-Drafts to IESG for consideration as Proposed 
          Standards.                                                           

     Done Post an Internet-Draft of the MIME/PEM Interaction specification.    

   Apr 93 Submit the PEM/MIME specification to the IESG for consideration as a 
          Proposed Standard.                                                   


 Internet-Drafts:

Posted Revised       I-D Title  <Filename>
------ ------- ------------------------------------------
 Nov 92 Nov 94  <draft-ietf-pem-mime-07.txt> 
                PEM Security Services and MIME                                 
 
 Jun 94 Jan 95  <draft-ietf-pem-sigenc-03.txt> 
                Security Multiparts for MIME:  Multipart/Signed and 
                Multipart/Encrypted                                            
 
 Aug 94 New     <draft-ietf-pem-ansix9.17-00.txt> 
                Privacy Enhancement for Internet Electronic Mail:  Part V: ANSI
                X9.17-Based Key Management                                     

 Request For Comments:

  RFC  Stat Published    Title 
------- -- ---------- -----------------------------------------
RFC1319 I    Apr 92     The MD2 Message-Digest Algorithm                       
 
RFC1320 I    Apr 92     The MD4 Message-Digest Algorithm                       
 
RFC1321 I    Apr 92     The MD5 Message-Digest Algorithm                       
 
RFC1421 PS   Feb 93     Privacy Enhancement for Internet Electronic Mail:  Part
                        I: Message Encryption and Authentication Procedures    
 
RFC1424 PS   Feb 93     Privacy Enhancement for Internet Electronic Mail:  Part
                        IV: Key Certification and Related Services             
 
RFC1422 PS   Feb 93     Privacy Enhancement for Internet Electronic Mail: Part 
                        II: Certificate-Based Key Management                   
 
RFC1423 PS   Feb 93     Privacy Enhancement for Internet Electronic Mail: Part 
                        III: Algorithms, Modes, and Identifiers                

