
Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda




Anders,


Just so I get you right.

The conclusion is that in your opinion there is no problem with RFC 3039 with regard to this.

/Stefan

At 10:42 2003-03-10 +0100, Anders Rundgren wrote:
Stefan,

If you read the PI draft there is no mention of RFC3039 or existing
practices for representing permanent identifiers. The culprit
is the following line describing "serialNumber":

   "It MAY contain a number or code assigned by the CA or an
     identifier assigned by a government or civil authority"

This is also one of the existing practices.

However, in various messages, the PI practices as well as RFC3039
are held as being a violation of PKI(X) standards and therefore should
be deprecated.

Note: I don't think Denis and the others have the guts to require
a deprecation in the upcoming RFC3039 revision, they sort of
prefer to make incompatible RFCs instead to show their dismay.

That is their way to play in the PKIX kindergarten, I have mine as
somebody noted :-)

I prefer setting the record straight and going on, to hopefully be
able to enter the PKIX primary school some day...

Anders



----- Original Message -----
From: "Stefan Santesson" <stefan@xxxxxxxxxxxxxx>
To: "Anders Rundgren" <anders.rundgren@xxxxxxxxx>; "Peter Gutmann" <pgut001@xxxxxxxxxxxxxxxxx>; <ietf-pkix@xxxxxxx>; "Jimi Thompson" <jimit@xxxxxxxxxxxxx>
Sent: Monday, March 10, 2003 09:52
Subject: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda



Anders,


Sorry, but I couldn't figure out from this message what the problems with
RFC 3039 are.
Could you reveal them? (Short list in condensed form is OK)

/Stefan

At 21:33 2003-03-08 +0100, Anders Rundgren wrote:

>Hi Jimi,
>Actually we have a non-kindergarten problem as well. That there is
>no agenda unfortunately also describes the state of PKIX and its
>leadership. PKIX have many items in the works that have not
>been properly pitted against other solutions and therefore probably
>never will get any real support.
>
>One of these things is the PI (permanent identifier) draft, which is
>unique in the sense that it does not support *any* existing CAs using such
>schemes. What's even more odd is that the authors and Dr. Kent are
>proud of that, due to some more or less religious beliefs that the "market"
>(only in Scandinavia encompassing some 10-15M subscribers) are
>deliberately violating PKI standards. That these CAs are 100%
>compliant with RFC3039, Dr. Kent claims depends on that the RFC
>authors were PAID by the CAs to make this RFC compliant to their
>"lousy" scheme. But if RFC3039 were incorrect it should never have
>passed the RFC process. But no one said a word. As at least one of
>the RFC authors is a top scientist, I rather think that it is Dr. Kent and
>his tired lot, that are simply obstructing progress for reasons unknown
>to me.
>
>Anders
>
>----- Original Message -----
>From: "Jimi Thompson" <jimit@xxxxxxxxxxxxx>
>To: "Peter Gutmann" <pgut001@xxxxxxxxxxxxxxxxx>;
><anders.rundgren@xxxxxxxxx>; <ietf-pkix@xxxxxxx>
>Sent: Saturday, March 08, 2003 19:19
>Subject: Re: The IETF 56 - PKIX Agenda
>
>
>
>Hmmm.....you realize of course that we have a far more interesting
>phenomenon to study here. It seems that certain of the PKIX members
>have been suddenly time warped back to kindergarten. We need to do
>three things - 1) figure out how to get them back, 2) figure out how
>to make money off this thing (I'm thinking pay-per-view) and 3) here
>in the States we don't use custard, we use Jello since it's cheaper.
>
>
> >"Anders Rundgren" <anders.rundgren@xxxxxxxxx> writes:
> >
> >>In the absence of a published agenda I take the liberty to create one which I
> >>think could gather some interest :-)
> >
> >You forgot the main event:
> >
> > What needs to be done to make PKI work?
> >
> > This forum will be open to all PKIX members, and will constitute a large
> > pool filled knee-deep with custard [1]. Marquis of Queensberry Rules, but
> > with pies substituted for gloves. Participants are expected to provide
> > appropriate clothing. Remaining IETF members will look on in amusement or
> > dismay, depending on their views on PKI.
> >
> >Peter.
> >
> >[1] Adrian Mitchell fans may hold the event in the Royal Albert Hall instead.
>
>
>--
>Thanks,
>
>Ms. Jimi Thompson, CISSP, Rev.
>
>"If the automobile had followed the same development cycle as the
>computer, a Rolls-Royce would today cost $100, get a million miles
>per gallon, and explode once a year, killing everyone inside." --
>Robert Cringely


_____________________________
Stefan Santesson,  Retrospekt AB
http://www.retrospekt.com
+46-706 443351

_____________________________
Stefan Santesson, Retrospekt AB
http://www.retrospekt.com
+46-706 443351