
RE: Straw poll for Algorithm Identifiers in Subject Public Key Info.



Hmmm, I'd guess that applications would fail, either gracefully
or catastrophically, when faced with an unrecognized Subject
Public Key Info OID. I did miss the point that they might
falsely accept and misuse the public key, but even after considering
the possibility it still seems highly improbable.

Dave

-----Original Message-----
From: Stefan Santesson [mailto:stefans@xxxxxxxxxxxxx] 
Sent: Tuesday, January 16, 2007 2:09 PM
To: Kemp, David P.; ietf-pkix@xxxxxxx
Subject: RE: Straw poll for Algorithm Identifiers in Subject Public Key
Info.

Thanks Dave,

Let me clarify where I think you missed my point.

I believe that it is less likely that a certificate with a critical
extension will be falsely accepted and misused by an application. I
believe the risk is greater that applications get it wrong and make
wrong use of a public key if the restriction comes as a public key OID.

But this is just an educated guess.

I agree that it will be hard to define complete mapping info in an
extension. That was my point - It may make the extension overly complex.


Stefan Santesson
Senior Program Manager
Windows Security, Standards