
RE: RFC3161(TSP): doubts about tcp protocol



Steve,
I agree with you.
Without a well-defined and mandatory transport protocol, it's quite
difficult to formally define the set of the interoperability tests that are
needed to push forward the TSP on the standard track according to RFC2026.

Regarding the question "which protocol should be mandatory?", in my personal
opinion a good choice may be HTTP.
It might be better profiled than now, e.g. by specifying the use of the POST
method.

The description of the other optional transport protocols should be moved
from the draft body to an informative Annex.

Another question is: is the polling mechanism useful or not? From time to
time there is a debate about it.
The polling mechanism makes the TSP protocol stateful at the transport layer
while it is stateless at the application layer and this is not so good.

In my opinion, if the polling is supposed to be useful, it should be moved
to the application layer. This way this mechanism might be used with any
transport protocol. Such a hypothesis, of course, should take care of the
compatibility with the past.

If the polling is supposed to be useless, we can leave (and forget) it as is in
the socket-based protocol; but this works only if the socket-based protocol
won't be defined as mandatory.

I think that the polling mechanism can be partially substituted by adding to
'PKIStatus' the following possible value:

<snip from=RFC2510>
waiting                (3),
         -- the request body part has not yet been processed,
         -- expect to hear more later
</snip>

This method doesn't transport back the value of the time to wait for.
On the other side, how may a TSU calculate such time interval?

Gianluca

----------------------------------------------------------------------

Gianluca Ramunno,
Computer and Network Security Group (TORSEC)
Dipartimento di Automatica ed Informatica
Politecnico di Torino - Italy
c/o ICT - Laboratorio di Sicurezza
via Cardinal Massaia 83
10147 Torino

GR e-mail:        ramunno@xxxxxxxxx
TORSEC e-mail:    security@xxxxxxxxx
TORSEC home page: http://security.polito.it


> -----Original Message-----
> From: owner-ietf-pkix@xxxxxxxxxxxx
> [mailto:owner-ietf-pkix@xxxxxxxxxxxx]On Behalf Of Stephen Kent
> Sent: Thursday 10 April 2003 0.31
> To: ietf-pkix@xxxxxxx
> Cc: housley@xxxxxxxxxxxx
> Subject: RE: RFC3161(TSP): doubts about tcp protocol
>
>
>
> Folks,
>
> I'd like to suggest a slightly different tack for this discussion.
>
> I think we need to define one transport protocol as a default, and
> make it a MUST implement, so that all clients and all servers are
> capable of communicating, at least in principle.
>
> I'm sorry that I didn't raise this issue earlier, but, better
> late than never?
>
> I'm agnostic as to what protocol we choose (subject to good arguments
> as to why we chose the protocol in question).
>
> I'd also like to solicit Russ's view on this.
>
> Steve
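
The exchange discussed in this message, as an added example that is not part of the original post or of RFC 3161: a client builds a DER TimeStampReq for an HTTP POST and decides what to do from the PKIStatus in the reply, including `waiting (3)`. The function names and the constructed sample reply are hypothetical; the media type `application/timestamp-query` is the one RFC 3161 gives for its HTTP transport.

```python
import hashlib

# PKIStatus names as enumerated in RFC 3161
PKI_STATUS = {0: "granted", 1: "grantedWithMods", 2: "rejection",
              3: "waiting", 4: "revocationWarning", 5: "revocationNotification"}
SHA256_OID = bytes.fromhex("608648016503040201")  # 2.16.840.1.101.3.4.2.1

def der(tag, body):
    """Encode one DER TLV with a definite length (short or long form)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body

def build_timestamp_req(data):
    """TimeStampReq: version 1, SHA-256 messageImprint, certReq TRUE."""
    alg = der(0x30, der(0x06, SHA256_OID) + der(0x05, b""))
    imprint = der(0x30, alg + der(0x04, hashlib.sha256(data).digest()))
    return der(0x30, der(0x02, b"\x01") + imprint + der(0x01, b"\xff"))

def http_post_parts(data):
    """Headers and body for one stateless POST (no transport-level polling)."""
    body = build_timestamp_req(data)
    return {"Content-Type": "application/timestamp-query",
            "Content-Length": str(len(body))}, body

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER TLV starting at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + n], pos + n

def next_action(resp):
    """Map a TimeStampResp to a client decision from its PKIStatus."""
    _, body, _ = read_tlv(resp, 0)        # TimeStampResp SEQUENCE
    _, info, rest = read_tlv(body, 0)     # PKIStatusInfo SEQUENCE
    _, val, _ = read_tlv(info, 0)         # PKIStatus INTEGER
    status = PKI_STATUS.get(int.from_bytes(val, "big", signed=True), "unknown")
    has_token = rest < len(body)          # timeStampToken follows the status
    if status in ("granted", "grantedWithMods"):
        return "verify-token" if has_token else "reject-malformed"
    if has_token:
        return "reject-malformed"         # a token is only valid with status 0 or 1
    return "retry-later" if status == "waiting" else "fail"

# Constructed sample reply: status waiting (3), no token
WAITING_RESP = der(0x30, der(0x30, der(0x02, b"\x03")))
```

As the message points out, `waiting` carries no interval, so the retry delay in a client like this has to be a local policy choice.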