[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Should PKIX protocols support XML well

To: Ambarish Malpani <ambarish@xxxxxxxxxxxx>
Subject: Re: Should PKIX protocols support XML well
From: Timothy Fisher <timothyf@xxxxxxxxxxxxxx>
Date: Sat, 11 Nov 2000 17:28:12 -0500
Cc: "'ietf-pkix@xxxxxxx '" <ietf-pkix@xxxxxxx>
In-reply-to: <>
References: <>
Reply-to: Timothy Fisher <timothyf@xxxxxxxxxxxxxx>

Ambarish,

I support your comments and think they they are well put...

Outside of the IETF, I know from personal experience that there is
a growing opinion that the PKI standards based on ASN1 are "behind the
times."  Those of you who don't agree with that statement, please
don't argue the point to me, I am simply conveying what I feel is a
growing opinion.

The IETF would be wise to consider XML in future PKI work...

-- 
Sincerely,
 Timothy Fisher                       mailto:timothyf@mindspring.com



Friday, November 10, 2000, 2:08:48 PM, you wrote:



AM> There are a bunch of industries/communities that are using XML
AM> throughout their systems - all their messages are in XML, all
AM> their development is in XML and XML is their chosen future
AM> direction.

AM> We may or may not agree about whether this is a wise decision, but
AM> that decision has been made and is one that we (PKIX) can not
AM> change.

AM> Now the question is, do we try and support such groups in their
AM> efforts or do we say: "Sorry, we think you did the wrong thing
AM> by not picking ASN.1, so go figure out how to do public key
AM> cryptography by yourself - we won't help"

AM> My personal bias is that if a significant percent of the world
AM> is headed towards XML, it makes more sense for us to support that
AM> group and make sure that when they do PKI, they do it in a
AM> secure way, rather than ignore that world and have them do PKI
AM> either insecurely, or in n different ways. After having seen
AM> different standards groups, I am quite convinced that IETF
AM> actually do a pretty good job with their specifications and the
AM> thoroughness with which specifications are reviewed. I think it
AM> is our responsibility to help set the standards so that people
AM> can use them in most significant environments, rather than have us
AM> ignore the issue and have people not only do it in less secure
AM> ways, but also have different groups do the same job in
AM> different ways.

AM> [Note: I am not trying to say that IETF should set all standards
AM> in the world, but it does need to acknowledge and react to the
AM> needs of large and diverse groups. And the XML community is one
AM> such group].

AM> Comments?
AM> Ambarish
 

AM> ---------------------------------------------------------------------
AM> Ambarish Malpani
AM> Architect                                                650.567.5457
AM> ValiCert, Inc.                                  ambarish@valicert.com
AM> 339 N. Bernardo Ave.                          http://www.valicert.com
AM> Mountain View, CA 94043

Follow-Ups:
- Re: Should PKIX protocols support XML well
  - From: Paul Koning
- Re: Should PKIX protocols support XML well
  - From: Surendra K Reddy

References:
- Should PKIX protocols support XML well
  - From: Ambarish Malpani

Prev by Date: Re[2]: OCSP-X vs SCVP
Next by Date: Re[2]: OCSP-X vs SCVP
Previous by thread: Re: Should PKIX protocols support XML well
Next by thread: Re: Should PKIX protocols support XML well
Index(es):
- Date
- Thread