
Re: [TSP/RFC3161] PKIFailureInfo values




Ricardo,


Thank you for the proposal.

Is it fine with Peter (S), Andrew, Peter (G) and Phil?
Any proposal from anyone else?

Denis

In my opinion in RFC 3161/draft-ietf-pkix-rfc3161bis-00, section 2.4.2.:

   «When the TimeStampToken is not present, the failInfo indicates the
   reason why the time-stamp request was rejected and may be one of the
   following values.»

should be replaced by something like this:

   «When the TimeStampToken is not present, the failInfo indicates one
   or more reasons why the time-stamp request was rejected and may be
   one or more of the following values.»

and:

   «The statusString field of PKIStatusInfo MAY be used to include reason
   text such as "messageImprint field is not correctly formatted".»

should also be replaced by something like this:

   «The statusString field of PKIStatusInfo MAY be used to include reason(s)
   text such as "messageImprint field is not correctly formatted".»

I have no experience in writing RFCs and I don't know if my English is the best suited for these
cases but it's my proposal.


Denis, I don't know if I got it right: when you say "is not crystal clear when bits are described",
do you mean that something more should be written about the bits inside the PKIFailureInfo
BIT STRING?


Best regards,
Ricardo Barroso

MULTICERT S.A.
www.multicert.com <http://www.multicert.com>


Denis Pinkas wrote:



Since you all seem to agree in principle, can some of you propose a full text replacement, providing the old and new sentence?


"Only the following values MAY occur" is not crystal clear when bits are described.

Denis

PS. Remember that I am still awaiting an interoperability test so that we can progress the document on the Standards Track.


Peter Sylvester wrote:

Because with RFC 3161 it's possible that two compliant systems exist
which can't interoperate properly in some situations because one accepts that
PKIFailureInfo contains more than one bit with value one (1) and the other does not!



It seems that the text could say 'MAY only be any of the following values',
as the list is a restriction (and extension) of the values defined in CMP.


Or: 'Only the following values MAY occur'.

I could detect an invalid hash algorithm and an unsupported extension,
an unacceptable policy, and even time source not available all together.


Peter, I agree with you.

Ricardo Barroso
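
An added example (not part of the original thread): a Python decoder for a DER-encoded PKIFailureInfo BIT STRING, using the bit numbers RFC 3161 section 2.4.2 assigns, applied to the four-reason case Peter Sylvester describes above. The function name and the sample bytes are constructed for illustration, and only short-form DER lengths are handled.

```python
# Added example: decode a DER-encoded PKIFailureInfo BIT STRING (RFC 3161, 2.4.2).
# Bit 0 is the most significant bit of the first content octet.
RFC3161_FAIL_BITS = {
    0: "badAlg",
    2: "badRequest",
    5: "badDataFormat",
    14: "timeNotAvailable",
    15: "unacceptedPolicy",
    16: "unacceptedExtension",
    17: "addInfoNotAvailable",
    25: "systemFailure",
}

# Constructed sample: bits 0, 14, 15 and 16 set (17 bits, 7 unused in last octet).
SAMPLE_MULTI = bytes.fromhex("030407800380")


def decode_fail_info(der: bytes):
    """Return (reasons, unknown_bits) for a DER BIT STRING (hypothetical helper).

    reasons      -- names of every set bit that RFC 3161 lists
    unknown_bits -- numbers of set bits outside the RFC 3161 list
    """
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a BIT STRING")
    if der[1] & 0x80 or der[1] != len(der) - 2:
        raise ValueError("long-form or inconsistent length")
    unused, content = der[2], der[3:]
    if unused > 7 or (unused and not content):
        raise ValueError("bad unused-bits octet")
    if content and content[-1] & ((1 << unused) - 1):
        raise ValueError("padding bits must be zero in DER")
    total_bits = len(content) * 8 - unused
    set_bits = [i for i in range(total_bits)
                if content[i // 8] & (0x80 >> (i % 8))]
    reasons = [RFC3161_FAIL_BITS[i] for i in set_bits if i in RFC3161_FAIL_BITS]
    unknown = [i for i in set_bits if i not in RFC3161_FAIL_BITS]
    return reasons, unknown


if __name__ == "__main__":
    reasons, unknown = decode_fail_info(SAMPLE_MULTI)
    # A receiver that expects exactly one reason would have to reject this value.
    print("reasons:", reasons, "unknown bits:", unknown)
```

A receiver written this way reports every set bit and separately surfaces bits outside the RFC 3161 list, so it interoperates with a sender that sets one bit or several.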