[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Should PKIX protocols support XML well

To: Timothy Fisher <timothyf@xxxxxxxxxxxxxx>
Subject: Re: Should PKIX protocols support XML well
From: Surendra K Reddy <skreddy@xxxxxxxxxxxxx>
Date: Sat, 11 Nov 2000 15:23:53 -0800 (PST)
Cc: Ambarish Malpani <ambarish@xxxxxxxxxxxx>, "'ietf-pkix@xxxxxxx '" <ietf-pkix@xxxxxxx>
In-reply-to: <>

I do agree with both of you on this. Around 2 years back, I have 
implemented PKIX operational protocols using XML(XSN.1 -- XML
Syntax Notation 1) encoding as a proof of concept and I also 
submitted a draft to ietf called WebCAP. There was a push back from PKIX
working group supporting XML based PKIX protocols. Now XML being used in
every sort of application, It is critical to support the effort to
standardize PKIX/XML.

Surendra Reddy
(650) 506 5441

On Sat, 11 Nov 2000, Timothy Fisher wrote:

> 
> Ambarish,
> 
> I support your comments and think they they are well put...
> 
> Outside of the IETF, I know from personal experience that there is
> a growing opinion that the PKI standards based on ASN1 are "behind the
> times."  Those of you who don't agree with that statement, please
> don't argue the point to me, I am simply conveying what I feel is a
> growing opinion.
> 
> The IETF would be wise to consider XML in future PKI work...
> 
> -- 
> Sincerely,
>  Timothy Fisher                       mailto:timothyf@mindspring.com
> 
> 
> 
> Friday, November 10, 2000, 2:08:48 PM, you wrote:
> 
> 
> 
> AM> There are a bunch of industries/communities that are using XML
> AM> throughout their systems - all their messages are in XML, all
> AM> their development is in XML and XML is their chosen future
> AM> direction.
> 
> AM> We may or may not agree about whether this is a wise decision, but
> AM> that decision has been made and is one that we (PKIX) can not
> AM> change.
> 
> AM> Now the question is, do we try and support such groups in their
> AM> efforts or do we say: "Sorry, we think you did the wrong thing
> AM> by not picking ASN.1, so go figure out how to do public key
> AM> cryptography by yourself - we won't help"
> 
> AM> My personal bias is that if a significant percent of the world
> AM> is headed towards XML, it makes more sense for us to support that
> AM> group and make sure that when they do PKI, they do it in a
> AM> secure way, rather than ignore that world and have them do PKI
> AM> either insecurely, or in n different ways. After having seen
> AM> different standards groups, I am quite convinced that IETF
> AM> actually do a pretty good job with their specifications and the
> AM> thoroughness with which specifications are reviewed. I think it
> AM> is our responsibility to help set the standards so that people
> AM> can use them in most significant environments, rather than have us
> AM> ignore the issue and have people not only do it in less secure
> AM> ways, but also have different groups do the same job in
> AM> different ways.
> 
> AM> [Note: I am not trying to say that IETF should set all standards
> AM> in the world, but it does need to acknowledge and react to the
> AM> needs of large and diverse groups. And the XML community is one
> AM> such group].
> 
> AM> Comments?
> AM> Ambarish
>  
> 
> AM> ---------------------------------------------------------------------
> AM> Ambarish Malpani
> AM> Architect                                                650.567.5457
> AM> ValiCert, Inc.                                  ambarish@valicert.com
> AM> 339 N. Bernardo Ave.                          http://www.valicert.com
> AM> Mountain View, CA 94043
> 
> 
>

References:
- Re: Should PKIX protocols support XML well
  - From: Timothy Fisher

Prev by Date: Re[2]: OCSP-X vs SCVP
Next by Date: Re: OCSP-X vs SCVP
Previous by thread: Re: Should PKIX protocols support XML well
Next by thread: Re: Should PKIX protocols support XML well
Index(es):
- Date
- Thread