Re: PEM standards status

Peter,

I believe that it is useful to separate the issues
that involve certificate requests and certificates from 
their use for web transaction security or for 
securing mail messages. Since W3C is focused on only
one aspect of certificate use, I believe they don't
provide a sufficiently wide venue for these issues.

The PKIX working group of the IETF is chartered to 
develop a standard for Public Key Infrastructure
which incudes the certification issues and is currently quite
active.

The focus of this group is to provide a set of internet profiles
for the use of X.509 v3 extensions. The Internet Draft
this group has produced describes
proposed protocols for the exchanges between a certificate user and
a certificate issuer.

Regards,
Randy 




At 04:54 PM 12/18/95 -0500, Peter Williams wrote:

The IETF SAD has, I believe, acted to cease the activities of
the PEM WG, though its mailing list can live on to assist
MOSS and other related activites be implemented and deployed.
the basis was that PEM was dead, and MOSS had achieved RFC status
requiring no further WG member involvement in its furtherance.

A strange phenomenon is occuring: Web-centric PEM deployment in
a commercial application. A significant number of PEM messages are
flowing between Verisign and users of secure httpd servers for the
purposes of key management. Even more PKCS#10&#7 formatted messages
are flowing, but the point is a select group of folk chose to adopt
PEM as their standard for key management message security as suggested
by the SSLREF package.

How do people feel about the status of the PEM RFCs. I assume noone
is acting to push them through IESG standards processes. Is it
acceptable IETF behaviour to simply use an RFC, and not pursue
standardization processes?

The developers need a home to discuss, advance etc. Would it be acceptable
to have this PEM-centric forum located in W3C, versus IETF? AS IETF has
kind of "done with" PEM (with a certain amount of disillusionment
and its replacement with the totally revised MOSS),
could others take over its technical furtherance without causing any
inter-body acrimony?

Anyone have any opinions they would care to share?

<Prev in Thread]	Current Thread	[Next in Thread>
PEM standards status, Peter Williams Re: PEM standards status, Ned Freed Re: PEM standards status, hallam Re: PEM standards status, David M. Balenson Re: PEM standards status, Amanda Walker Re: PEM standards status, Randy Catoe <= Re: PEM standards status, Ali Bahreman Re: PEM standards status, Donald E. Eastlake 3rd re:PEM standards status, warwick (w.s.) ford Re: PEM standards status, Stephen Kent Re: PEM standards status, Donald E. Eastlake 3rd Re: PEM standards status, Ned Freed Re: PEM standards status, Ali Bahreman Re: PEM standards status, Dave Crocker Re: PEM standards status, Ali Bahreman Re: PEM standards status, Dave Crocker

Previous by Date:	Re: PEM standards status, Amanda Walker
Next by Date:	Re: PEM standards status, hallam
Previous by Thread:	Re: PEM standards status, Amanda Walker
Next by Thread:	Re: PEM standards status, Ali Bahreman
Indexes:	[Date] [Thread] [Top] [All Lists]