[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-ltans-dssc-00 comments

To: Carl Wallace <CWallace@xxxxxxxxxxxx>
Subject: Re: draft-ietf-ltans-dssc-00 comments
From: Thomas Kunz <thomas.kunz@xxxxxxxxxxxxxxxxx>
Date: Mon, 27 Aug 2007 16:10:57 +0200
Cc: ietf-ltans@xxxxxxx
In-reply-to: <886F5D4C78AFB14D87261206BFB9612E1D31D6B9@xxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-ltans/mail-archive/>
List-id: <ietf-ltans.imc.org>
List-unsubscribe: <mailto:ietf-ltans-request@imc.org?body=unsubscribe>
References: <886F5D4C78AFB14D87261206BFB9612E1D31D6B9@xxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-ltans@xxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

Hello Carl,

sorry for the late answer.

Carl Wallace schrieb:

Here are a few comments on DSSC. I'll send an off list email with someeditorial comments.
- In section 4.1, the fifth element in the sequence should be namedSuitableAlgorithm to be consistent with the schema in Appendix B

OK

- The draft should provide some guidance regarding constraints. Forexample, should one define key size constraints per public key algorithmor per each signature algorithm? For policy brevity, the former wouldbe better. Perhaps an alternative would be to bind constraints andvalidity periods within SuitableAlgorithm.

I would also prefer the definition of constraints per public key algorithm.

- Section 5 should include processing for constraints.

OK

- The spec should prohibit including multiple instances of the samealgorithm identifier w/ the same constraints.

OK

- If an ASN.1 version is to be produced, using an enveloping signaturewould make the mapping to CMS easier.

OK. An ASN.1 version should come with the next version of the draft.

- The assumption in Section 3.2 that one must find an old policy inorder to determine if an algorithm was valid at a point in the past istoo complicated. Suitability definitions should accumulate in a singlepolicy definition. An enterprise could maintain several policies. Forexample, one complete, one current and one past policy could be maintained.

In our notion, the policies are published by specific institutions (e.g.annually) and one policy represents the evaluations based on currentknowledge (e.g. on current findings, RSA with 1024 bit key length couldbe valid until end of 2007, but next year a new policy could bepublished which states that RSA 1024 is valid until end of 2008).To expect, that a policy also contains all past evaluations of analgorithms could be error-prone.In our opinion, the question, if the evaluation of an algorithm in anold policy is different from that in the current policy is primarilyimportant in law cases. And there you cannot trust, that the currentpolicy correctly quotes past evaluations, instead you will have to lookin the old policy.


Best regards,
Thomas

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: draft-ietf-ltans-dssc-00 comments
  - From: todd glassey

References:
- draft-ietf-ltans-dssc-00 comments
  - From: Carl Wallace

Prev by Date: draft-ietf-ltans-dssc-00 comments
Next by Date: RE: draft-ietf-ltans-dssc-00 comments
Previous by thread: draft-ietf-ltans-dssc-00 comments
Next by thread: Re: draft-ietf-ltans-dssc-00 comments
Index(es):
- Date
- Thread