[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Clarification of ISO-IEC 18014 documents

To: "Young H Etheridge" <yhe@xxxxxxxxxxxxxxx>, "Carl Wallace" <CWallace@xxxxxxxxxxxx>
Subject: RE: Clarification of ISO-IEC 18014 documents
From: "Tobias Gondrom" <tgondrom@xxxxxxxxxxxx>
Date: Thu, 18 Jan 2007 13:42:12 +0100
Cc: <ietf-ltans@xxxxxxx>
List-archive: <http://www.imc.org/ietf-ltans/mail-archive/>
List-id: <ietf-ltans.imc.org>
List-unsubscribe: <mailto:ietf-ltans-request@imc.org?body=unsubscribe>
Sender: owner-ietf-ltans@xxxxxxxxxxxx
Thread-index: Acc6pGNf6iChZe6kS3KzPe8bWavt3gAWMpJQ
Thread-topic: Clarification of ISO-IEC 18014 documents

To my knowledge about at least 6 implementations of ERS already exist -
some of them done by large or very large ISVs (in its draft versions
between 06 and 09) - and at least some of them have been long waiting
for the ERS to be released and definitely consider the ISO 18014 under
no circumstances as an alternative (but as an extension) nor will they
shift their development to it. 

Tobias



> -----Original Message-----
> From: owner-ietf-ltans@xxxxxxxxxxxx
[mailto:owner-ietf-ltans@xxxxxxxxxxxx]
> On Behalf Of Young H Etheridge
> Sent: Thursday, January 18, 2007 2:47 AM
> To: Carl Wallace
> Cc: ietf-ltans@xxxxxxx
> Subject: Re: Clarification of ISO-IEC 18014 documents
> 
> 
> Yes, the spec is rather opaque in that regard.  Fortunately,
> 18014-1-revised will do so.
> 
> It seems to me that aggregation would need to be built into extRenewal
> or other EXTENSIONS in a standard way.
> 
> I agree the opportunity for change has been waiting about for well
over
> a year.  How many applications are ready for this draft to be a
standard?
> 
> Carl Wallace wrote:
> >
> > I see.  So it does address the coverage of original and current
hashes
> > (if only the spec had included language about verification of
> > extRenewal I might have caught that).  How about support for
> > aggregation?
> >
> > Aside from the technical bits, there's also the question of whether
an
> > 11th hour request like this is justifiable.
> >
> > > -----Original Message-----
> > > From: Young H Etheridge [mailto:yhe@xxxxxxxxxxxxxxx]
> > > Sent: Wednesday, January 17, 2007 5:33 PM
> > > To: Carl Wallace
> > > Cc: ietf-ltans@xxxxxxx
> > > Subject: Re: Clarification of ISO-IEC 18014 documents
> > >
> > > As I understand the process:
> > >
> > > A TSA that supports renewal requests, in response:
> > >   - generates a new TSTInfo,
> > >   - copies the hash value from the request into the TSTInfo,
> > >   - copies the extRenewal extension from the request into an
> > > extRenewal
> > >     extension of the TSTInfo with this extRenewal containing
> > > the desired
> > >     original TS,
> > >   - sets the current time and fills in the other fields of
> > > TSTInfo, and
> > >   - proceeds to generate the renewal timestamp token for this
TSTInfo.
> > >
> > > Unless I misunderstand the process this renewal timestamp
> > > token covers both the submitted hash value and the previous
> > > timestamp token regardless of the method is used by the TSA
> > > for generating the ContentInfo.
> > >
> > > This process is echoed in the revised 18014-1text.
> > >
> > > Carl Wallace wrote:
> > > >
> > > > In response to Denis' post, I reviewed the mechanisms in
> > > 18014-3.  How
> > > > do those align with the text from -1?
> > > >
> > > > > -----Original Message-----
> > > > > From: Young H Etheridge [mailto:yhe@xxxxxxxxxxxxxxx]
> > > > > Sent: Wednesday, January 17, 2007 4:19 PM
> > > > > To: CWallace@xxxxxxxxxxxx
> > > > > Cc: ietf-ltans@xxxxxxx
> > > > > Subject: Clarification of ISO-IEC 18014 documents
> > > > >
> > > > > Carl,
> > > > >
> > > > > A clarification of the ISO 18014 documents may be useful.
> > > > >
> > > > > ISO-IEC 18014-1-2002 uses the term TS reissue to intend
> > > TS renewal
> > > > > in the terms as expressed in WG communications of late.  I
quote:
> > > > > "A time-stamp re-issue may also be necessary when the
> > > hash--function
> > > > > used to form the hash value from the original data is called
into
> > > > > question.  In this case, both the old time-stamp token and the
> > > > > original data must be included in the newly calculated hash
value
> > > > > submitted for time-stamp reissue."
> > > > >
> > > > > A revision of 18014-1 is in-progress.  The term reissue is
being
> > > > > replaced with renewal along with descriptive information
> > > that makes
> > > > > the point clear that a renewal contains a hash of the data
along
> > > > > with the hash of the original TS that is being renewed.  The
new
> > > > > description is quite clear in regard to creation and
> > > verification of
> > > > > renewal.
> > > > >
> > > > > Furthermore, ANSI X9.95 is consistent on renewal with
> > > those found in
> > > > > 18014-2-2002, 18014-3-2004 and the revision of 18014-1-2002.
> > > > >
> > > > > I hope this helps.
> > > > >
> > > > > yhe
> > > > >
> > > >
> > >
> >

Prev by Date: RE: Clarification of ISO-IEC 18014 documents
Next by Date: RE: Clarification of ISO-IEC 18014 documents
Previous by thread: RE: Clarification of ISO-IEC 18014 documents
Next by thread: RE: Clarification of ISO-IEC 18014 documents
Index(es):
- Date
- Thread