[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda

To: "Denis Pinkas" <Denis.Pinkas@xxxxxxxx>, "Stefan Santesson" <stefan@xxxxxxxxxxxxxx>
Subject: Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
From: "todd glassey" <todd.glassey@xxxxxxxxxxxxxxxx>
Date: Tue, 11 Mar 2003 19:13:30 -0800
Cc: <ietf-pkix@xxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <> <> <> <> <> <> <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx


----- Original Message -----
From: "Stefan Santesson" <stefan@xxxxxxxxxxxxxx>
To: "todd glassey" <todd.glassey@xxxxxxxxxxxxxxxx>; "Denis Pinkas"
<Denis.Pinkas@xxxxxxxx>
Cc: <ietf-pkix@xxxxxxx>
Sent: Tuesday, March 11, 2003 3:27 PM
Subject: Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda


>
> Todd,
>
> Is there anything in this statment that reveals any problem with the way
> RFC 3039 defines use of the SN attribute?

No of course not - I wasnt responding to whether there were multiple and
ambiguous uses of the serialNumber attribute in 3039. I was responding to
why one likely should start with one or some known state and increment
upwards monotonically as part of the SN process.

>
> /Stefan
>
> At 14:53 2003-03-11 -0800, todd glassey wrote:
> >Stefan - the key issue is that SN's are only comparable to SN's issued by
> >the same instance or ones that are correlated between instances. The SN
> >itself is a component of the Policy Control process and so it is only
> >relevant to like instances, which is why timestamps are so important -
since
> >they in many senses represent portable SN's - or ones that are easily
> >compared between machines.
> >
> >Todd
> >
> >----- Original Message -----
> >From: "Stefan Santesson" <stefan@xxxxxxxxxxxxxx>
> >To: "Denis Pinkas" <Denis.Pinkas@xxxxxxxx>
> >Cc: <ietf-pkix@xxxxxxx>
> >Sent: Tuesday, March 11, 2003 12:37 PM
> >Subject: Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
> >
> >
> > >
> > > At 17:57 2003-03-11 +0100, Denis Pinkas wrote:
> > >  >I do kown that in fact 676767666767 would allow to uniquely identify
the
> > > individual, but this is not the semantics of that attribute.
> > >
> > > Denis,
> > >
> > > Where is the semantics broken?
> > >
> > > Who says that a serial number need to start with 1 and be sequential
with
> > > increment = 1
> > >
> > > You have only to look at most software products, TV sets or similar to
see
> > > another truth.
> > > 676767666767 is a perfectly fine serial number to me.
> > >
> > > /Stefan
> > >
> > >
> > >
> > >
> > > _____________________________
> > > Stefan Santesson,  Retrospekt AB
> > > http://www.retrospekt.com
> > > +46-706 443351
> > >
>
> _____________________________
> Stefan Santesson,  Retrospekt AB
> http://www.retrospekt.com
> +46-706 443351
>

References:
- Re: The IETF 56 - PKIX Agenda
  - From: Peter Gutmann
- Re: The IETF 56 - PKIX Agenda
  - From: Jimi Thompson
- RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
  - From: Stefan Santesson
- Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
  - From: Stefan Santesson
- Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
  - From: Anders Rundgren
- Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
  - From: Stefan Santesson
- Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
  - From: Stefan Santesson

Prev by Date: Draft Agenda for PKIX
Next by Date: Re: Certificate Policies (was Re: Trivial PKI Question)
Previous by thread: Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
Next by thread: Re: RFC 3039 problems - Was: Re: The IETF 56 - PKIX Agenda
Index(es):
- Date
- Thread