[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: I-D ACTION:draft-ietf-pkix-okid-01.txt

To: "Denis Pinkas" <Denis.Pinkas@xxxxxxxx>, "Paul Hoffman / IMC" <phoffman@xxxxxxx>
Subject: RE: I-D ACTION:draft-ietf-pkix-okid-01.txt
From: "Max Pritikin" <pritikin@xxxxxxxxx>
Date: Thu, 14 Mar 2002 10:49:49 -0800
Cc: "pkix" <ietf-pkix@xxxxxxx>
Importance: Normal
In-reply-to: <3C90E5F8.EBD07F4E@bull.net>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx


Possibly the end user MUST be informed of the new trust anchor and MUST have
the bulleted items *available* for inspection but only MAY be actually
informed of them.

Thus Paul's point is addressed; that the information is important and really
must be examined and handled -- implementors are coerced into paying
attention to it ("MUST be available"). Denis is correct though that many
users will only be confused by the additional information and thus they only
examine it when needed.

	- Max

> -----Original Message-----
> From: owner-ietf-pkix@xxxxxxxxxxxx
> [mailto:owner-ietf-pkix@xxxxxxxxxxxx]On Behalf Of Denis Pinkas
> Sent: Thursday, March 14, 2002 10:04 AM
> To: Paul Hoffman / IMC
> Cc: pkix
> Subject: Re: I-D ACTION:draft-ietf-pkix-okid-01.txt
>
>
>
> Paul,
>
> Thank you for your *very* quick answer.
>
> (some text deleted)
>
> > So, here is where we get into the discussion of enforcing good
> > security policy. My wording had the bulleted list as MUSTs. You have
> > reduced them past SHOULD to MAY. The result of this is that few
> > implementations will tell end users the effects of what they are
> > doing (a SHOULD would probably do more).
> >
> > I think this reduction is dangerous in that it does not tell the end
> > user enough about the effects of her or his actions; other people
> > would say that it is not our responsibility to insist on telling the
> > end user this.
> >
> > Quite frankly, there are probably lots of implementors who use PKIX
> > toolkits who don't realize all the ramifications of using a trust
> > anchor are. Forcing them to tell their users will make them much more
> > aware of their responsibility.
>
> Many people do not have your or my education in PKI. They are told to
> install a new root. They only need to know how to install it
> properly. They
> do not even know which key they are installing. They got a URL where to
> fetch the self-sigend certificate and then must be sure that what they get
> matches the hash. That's all. They have not the simplest idea of
> what means:
>
>  - the policies used by the issuer of this certificate to issue
> subordinate
>    certificates,
>
>  - the basic constraints placed on the issuer of this certificate,
>
>  - the depth of subordinate chain that can be issued under this
> certificate,
>
>  - the types of names for which the issuer of this certificate can create
>    certificates,
>
>  - the policy constraints placed on the issuer of this certificate.
>
> I believe that the debate should now be between SHOULD and MAY.
>
> Denis
>
>
>
> > --Paul Hoffman, Director
> > --Internet Mail Consortium
>

References:
- Re: I-D ACTION:draft-ietf-pkix-okid-01.txt
  - From: Denis Pinkas

Prev by Date: Re: I-D ACTION:draft-ietf-pkix-okid-01.txt
Next by Date: Attribute Certificates and Privilege Policy
Previous by thread: Re: I-D ACTION:draft-ietf-pkix-okid-01.txt
Next by thread: More Comments on DPD/DPV Requirements
Index(es):
- Date
- Thread