[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: question to time stamp draft: case of error

To: FRousseau@xxxxxxxxxxxxxxxxx
Subject: Re: question to time stamp draft: case of error
From: Bernd Matthes <mainbug@xxxxxxxxxx>
Date: Tue, 16 Jan 2001 17:22:06 +0100
Cc: Denis.Pinkas@xxxxxxxx, ietf-pkix@xxxxxxx
Organization: Celo Communications -- http://www.celocom.com
References: <>
Reply-to: mainbug@xxxxxxxxxx

> FRousseau@xxxxxxxxxxxxxxxxx wrote:
> 
> Jean-Marc Desperrier (jean-marc.desperrier@xxxxxxxxxxxx) asked a
> similar question in December and Ari Kermaier (arik@xxxxxxxxx) wrote:
> 
> > The PKIFailureInfo structure described in
> draft-ietf-pkix-rfc2510bis-02
> > includes systemFailure(25) which, while not very descriptive, might
> fit the
> > bill for hardware failure.
> 
> Denis, will you be adding systemFailure(25) to the PKIFailureInfo in
> the RFC version of the Time Stamping Protocol?

And additional badSenderNonce(18)?
I think, if a time stamp query contains a wrong nonce, this is also a
helpful value.

BTW,
if a signed ts query is received, it should be possible to send
appropriate
errors send back  like badMessageCheck(1), signerNotTrusted(20) or
notAuthorized(23).
Is it generally planned that the new RFC provides a signed time stamp
query?
The last draft-ietf-pkix-time-stamp-12.txt say nothing about this fact.

> 
> I agree with Jean-Marc and Ari that it would be very useful to add
> this additional value to the PKIFailureInfo since the latest time
> stamping draft currently indicates that:
> 
> "These are the only values of PKIFailureInfo that are supported.
> Compliant servers MUST NOT produce any other values. Compliant clients
> MAY ignore any other values."
> 
> By not adding during the final editing of the RFC
> version, this useful value could not ever be used to indicate this
> type of error.
> 

with kind regards
-- 
Mors certa, hora incerta. In dubio pro mille.
--------------------------------------------------------------------
Bernd Matthes                   Celo Communications GmbH
Senior Software Engineer    	Weissenfelser Strasse 46a   
Nachrichtentechniker            D 06217 Merseburg           
Dipl.-Ing.(FH)                  http://www.celocom.com      
  f. technische Informatik      mailto:mainbug@xxxxxxxxxx   
http://www.worldbug.de          Tel.: +49 3461/3318-0       
mailto:mainbug@xxxxxxxxxxx      Fax:  +49 3461/415072
--------------------------------------------------------------------
"When in doubt, use brute force." (Ken Thompson)

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: question to time stamp draft: case of error
  - From: Denis Pinkas

References:
- RE: question to time stamp draft: case of error
  - From: FRousseau

Prev by Date: RE: Basic Cert-2-Directory mapping question
Next by Date: Re: DPD & DPV Basics
Previous by thread: RE: question to time stamp draft: case of error
Next by thread: Re: question to time stamp draft: case of error
Index(es):
- Date
- Thread