
"Push" TAM Protocols. Was: Assessment of TAMP with vendor hat on



I fully agree with Stefan's conclusions.

Now to the possible query/response protocol.

I don't see why anybody (be it consumer or enterprise) would be interested in opening a hole in the firewall allowing inbound TA-TTP
updates to, for example, the browser TA store.

This does however not dismiss such a protocol, it just narrows the scope.  IMHO, this may even increase the chances that it
succeeds.

If we rather think of the scope as a set of networked devices (servers, routers etc) centrally managed by an organization, you may
indeed want to have an immediate update rather than waiting for the local "pull" scheme to kick in.

If I were to design such a protocol I would base it on Web Services to not end up with yet another esoteric protocol that you must
ask IT to support.

But as earlier stated, I'm not going to follow the protocol port of TAM, so please feel free to use ASN.1 and register TCP ports.
It was just friendly advice from a person who sees deployment and adoption as a bigger hurdle than passing a final call in IETF.

Another possibility, which I unfortunately have zero knowledge of, could be using SNMP.

Anders Rundgren
With the independent observer hat on