[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

TSA draft V7

To: PKIX mailing group <ietf-pkix@xxxxxxx>
Subject: TSA draft V7
From: Michael Zolotarev <mzolotarev@xxxxxxxxxxxxx>
Date: Fri, 28 Apr 2000 13:02:14 +1000
Cc: denis.pinkas@xxxxxxxx

A few more remarks:
 
The draft says:
"If the certReq field is present and set to true, the TSA's public key
certificate that is referenced by the ESSCertID attribute must be provided
by the TSA in the Certificate Values attribute and incorporated in the
response. The certificate Values attribute may also contain other
certificates.
If the certReq field is missing, or if the certReq field is present and set
to false then no Certificate Values attribute shall be present."
 
Q1. "Certificate Values attribute". What is it? Was it meant to be the
signedData::Certificates field?
 
Q2. If the certReq field is missing in the request, should it be up to the
TSA to decide whether to include the cert of not?
 
Q3. somehow it seems more reasonable to default the certReq to TRUE. This
way TSA would be well-behaving with no extra efforts.
 

General comments:

C1. The draft uses both id-ad-timeStamping and id-pkix-ad-timestamping OIDs.
I'd prefer "pkix" to be preserved as part of the name.

C2. PKIXTSP is defined but never referenced.

Regards

M

Follow-Ups:
- Re: TSA draft V7
  - From: Denis Pinkas

Prev by Date: TSA draft V7.0
Next by Date: time-stamp-draft-7
Previous by thread: TSA draft V7.0
Next by thread: Re: TSA draft V7
Index(es):
- Date
- Thread