
charter revisions



Folks,

We were pinged about the need to update the PKIX WG charter, both during the meeting in London, and via a message the chairs received from the IETF Secretariat. So, here is a proposed revision to the charter that Tim and I have developed. Please review it and provide comments by 8/28, so that we can post the revised charter by the end of the month.

Thanks,

Steve
-------

Description of Working Group:

The PKIX Working Group was established in the Fall of 1995 with the intent of developing Internet standards needed to support an X.509-based PKI. The scope of PKIX work has expanded beyond this initial goal. PKIX not only profiles ITU PKI standards, but also develops new standards apropos to the use of X.509-based PKIs in the Internet.

PKIX has produced several informational and standards track documents in support of the original and revised scope of the WG. The first of these standards, RFC 2459, profiled X.509 version 3 certificates and version 2 CRLs for use in the Internet. Profiles for the use of LDAP v2 for certificate and CRL storage (RFC 2587), the Internet X.509 Public Key Infrastructure Qualified Certificates Profile (RFC 2875), and the Internet X.509 Public Key Infrastructure Certificate Policy and certification Practices Framework (RFC 2527 - Informational) are in line with the initial scope.

The Certificate Management Protocol (CMP) (RFC 2510), the Online Certificate Status Protocol (OCSP) (RFC 2560), Certificate Management Request Format (CRMF) (RFC 2511),  Certificate Management Messages over CMS (RFC 2797),  Internet X.509 Public Key Infrastructure Time Stamp Protocols (RFC xxxx), and the use of FTP and HTTP for transport of PKI operations (RFC 2585) are representative of the expanded scope of PKIX, as these are new protocols developed in the working group, not profiles of ITU PKI standards.

A roadmap, providing a guide to the growing set of PKIX documents, also has been developed as an informational RFC.

Ongoing PKIX Work items

An ongoing PKIX task is the progression of existing, standards track RFCs from PROPOSED to DRAFT. Also, to the extent that PKIX work relates to protocols from other areas, e.g., LDAP, it is necessary to track the evolution of the other protocols and produce updated RFCs. For example, the LDAP v2 documents from PKIX are evolving to address LDAP v3.

New Work items for PKIX

- production of a requirements RFC for delegated path discovery and path validation protocols (DPD/DPV) and subsequent production of RFCs for protocols that satisfy the requirements

- development of an RFC for a logotype extension for certificates

- development of a proxy certificate extension and associated processing rules

Not all of these items may become standards track RFCs. Some may become INFORMATIONAL or EXPERIMENTAL RFCs.

Goals and Milestones:

Done     PROPOSED Standard RFCs for public key and attribute certificate profiles, CMP, OCSP, CMC, CRMF, TSP, Qualified Certificates, LDAP v2 schema, use of FTP/HTTP, Diffie-Hellman POP
Done     INFORMATIONAL RFCs for X.509 PKI policies and practices, use of KEA
Done     Experimental RFC for Data Validation and Certification Server Protocols
8/01     Production of revised certificate and CRL syntax and processing RFC (son-of-2459)
10/01    Progression of CRMF, CMP, and CMP Transport to DRAFT Standard
12/01    Production of revised CMC RFCs (updates and split of CMC into several parts)
12/01    DPD/DPV Requirements RFC
12/01    Progression of OCSP to DRAFT Standard
3/02     DPV/DPD Protocols RFCs
3/02     Logotype Extension RFC
3/02     Proxy Certificate RFC
7/02     Progression of CMC RFCs to DRAFT Standard