
509 Feb/Mar Meeting Summary




During the recent 509 meeting we addressed the comments received on the Working Document on new
X.509 enhancements, the ballot results on defect resolutions and new defect reports.
The revised WD on 509 enhancements and the defect related documents will be available
shortly from the ftp site maintained by Hoyt Kesterson (he'll send an email when they're
all there). If anyone needs a copy of these in advance of that, please let me know. Here is
a brief summary of the agreements made at the meeting.

The technical changes to the WD as a result of this meeting are:
- Issue 6 - the syntax of xmlPrivilegeInfo was changed from OCTET STRING to UTF8String
- Issue 13 - the SOA constraint extension was deleted. In its place is a new issue on SOA identifier and
  cross-certification
- Issue 14 - The old issue regarding multiple roles was deleted. In its place is a new issue that defines
  an attribute and object class for storing privilege policy within attribute certificates.
- Issue 15 - new revocation reason codes. Two earlier proposals (cert issued
  in error and change of revocation reason) will not have new reason codes added, but instead
  additional text was added to clarify how to signal these. Also a new question was added to this
  issue regarding the potential need for a new code to indicate that an algorithm is expected to
  be weak and therefore future revocation of a cert is anticipated.
- Issue 24 - a new issue added to deal with the general requirements to handle addition of
  new reason codes.
- Issue 25 - a new informative annex regarding client side settings for policy for path validation
  (note this one is related to DR 289)

In terms of Defect Reports (DR) and Draft Technical Corrigenda (DTC) ballots:
DTC 4 against 4th edition (DR 284, 285 & 286) was approved and will be published as TC 2
DTC 11 against 3rd edition (DR 285) was approved and will be published as TC 4

DTC 3 against 4th edition (DR 280, 281 & 282) was revised based on ballot comments and
will be re-balloted because of the significant amount of change

There is also a set of new defect reports that were discussed and resolutions for these will
also be sent for ballot. The new DRs are:

DR 289 on path processing - re acceptable policies
DR 291 on use of 'encipherment' term in definition of certificates
DR 294 to replace the DER rules in X.509 with reference to ASN.1 DER
DR 296 on default distribution points
DR 297 on CRL issuance requirements
DR 298 on partitioned CRLs

Sharon

Sharon Boeyen
Principal, Advanced Security
Tel: 613 270 3181
www.entrust.com

Entrust, Inc.
Securing the Internet