RE: comments on draft-ietf-ltans-pki-retention-00.txt

["Carl Wallace" <cwallace@xxxxxxxxxxxx>]

<snip>
> - ERS is not the only service using certificates; we are here 
> talking about certificate management, which includes all kind 
> of certficates within an organisation
> - these are mainly policy oriented issues, e.g. the choice of 
> a specific certificate also includes a set of very complex 
> rules (CPS, Signature laws, inhouse rules et.al.) which 
> define the basics such as keeping the necessary verification 
> or revocation data

The choice of which certificate to use for a particular operation is
made before the events being addressed by LTANS.  The ERS/SCVP and
retention drafts aim to preserve certificates so these decisions can be
independent of the preservation of signed data.

> - how to keep this information is policy dependent and must 
> be managed by the organisation: --> risk management

Agreed.
 
> So the first thing will be to define the adequate 
> certificate/PKI/ policy  for your needs and then decide abou 
> the necessary cert.  
> management structure. Legally spoken: it is my responsibility 
> to store the necessary verification data, how I will do that, 
> should remain in my responsibility. Having said this, I do 
> not think this should be part of the LTANS standard.

Do you think LTANS specs can play a role here, i.e., ERS?  If not, what
specs apply?  The retention spec defines an optional binding between
certs and evidence records that enables you to fulfill your
responsibility of preserving the necessary verification data.  It's not
clear to me that certs must be preserved as part of a signed data object
especially since not doing this has significant benefit, e.g., storage
savings and decoupling trust anchors from signed data.

<snip>