[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: I-D ACTION:draft-ietf-pkix-certpathbuild-01.txt

To: <ietf-pkix@xxxxxxx>
Subject: RE: I-D ACTION:draft-ietf-pkix-certpathbuild-01.txt
From: "Peter Hesse" <pmhesse@xxxxxxxxxxxxxxxxxx>
Date: Fri, 3 Oct 2003 09:17:55 -0400
Importance: Normal
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Organization: Gemini Security Solutions, Inc.
Sender: owner-ietf-pkix@xxxxxxxxxxxx

All,

To save everyone the trouble of trying to read through our entire
internet draft a second time, the following lists outline the main
changes made in the document since version 00.

Overall changes:
- made certain terminology more consistent ("certification 
   path" throughout the document instead of "certificate path", 
   "cert path", etc.)
- softened the tone; made it clear that the document provides 
   informational recommendations and does not prescribe a 
   particular method for certification path building
- removed statements on the document providing guidance based 
   on "best practices" but instead explicitly defined the 
   motivation and purpose behind the document, as well as the 
   criteria that led to the guidance provided. 
- removed some non-ascii characters that had snuck in

Specific changes:
- Thoroughly updated section 1.1 (Motivation) and 1.2 (Purpose)
- updated terminology section to include a few additional terms
- updated mesh PKI figure to better differentiate it from other
   structures
- included a section (2.2) that clearly identifies the authors'
   criteria for a path building implementation
- broke up section 2.4 (How to Build a Certification Path) with
   some subsections
- added section 3.3 (Representing the Decision Tree 
   Programmatically)
- updated section 3.5 to include additional information about 
   the sorting methods that follow.  Sorting methods are no 
   longer called "rules".
- added section 5.4 (Distinguished Name Encoding)
- added section 6.3 (Subject Information Access)

Cheers,

--Peter Hesse

+---------------------------------------------------------------+
| Peter Hesse                    pmhesse@xxxxxxxxxxxxxxxxxx     |
| Phone: (703)934-2031         Gemini Security Solutions, Inc.  |
| ICQ: 1942828                     www.geminisecurity.com       |
+---------------------------------------------------------------+
"Pay no attention to what the critics say; there has never been 
a statue set up in honor of a critic." --Jean Sibelius


-----Original Message-----
From: owner-ietf-pkix@xxxxxxxxxxxx [mailto:owner-ietf-pkix@xxxxxxxxxxxx]
On Behalf Of Internet-Drafts@xxxxxxxx
Sent: Thursday, October 02, 2003 10:51 AM
To: IETF-Announce:; pmhesse@xxxxxxxxxxxxxxxxxx
Cc: ietf-pkix@xxxxxxx
Subject: I-D ACTION:draft-ietf-pkix-certpathbuild-01.txt


A New Internet-Draft is available from the on-line Internet-Drafts
directories. This draft is a work item of the Public-Key Infrastructure
(X.509) Working Group of the IETF.

	Title		: Internet X.509 Public Key Infrastructure:

                          Certification Path Building
	Author(s)	: M. Cooper, Y. Dzambasow et al.
	Filename	: draft-ietf-pkix-certpathbuild-01.txt
	Pages		: 67
	Date		: 2003-10-2
	
This document was written to provide guidance and recommendations to 
developers building X.509 public-key certification paths within their 
applications.  By following the guidance and recommendations defined 
in this document, an application developer is more likely to develop 
a robust X.509 certificate enabled application that can build valid 
certification paths across a wide range of PKI environments.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-pkix-certpathbuild-01.txt

To remove yourself from the IETF Announcement list, send a message to 
ietf-announce-request with the word unsubscribe in the body of the
message.

Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
	"get draft-ietf-pkix-certpathbuild-01.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


Internet-Drafts can also be obtained by e-mail.

Send a message to:
	mailserv@xxxxxxxxx
In the body type:
	"FILE /internet-drafts/draft-ietf-pkix-certpathbuild-01.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail
readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.
		
		
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

Follow-Ups:
- RE: I-D ACTION:draft-ietf-pkix-certpathbuild-01.txt
  - From: Alice Sturgeon

References:
- I-D ACTION:draft-ietf-pkix-certpathbuild-01.txt
  - From: Internet-Drafts

Prev by Date: RE: OCSP response pre-production
Next by Date: RE: OCSP response pre-production
Previous by thread: I-D ACTION:draft-ietf-pkix-certpathbuild-01.txt
Next by thread: RE: I-D ACTION:draft-ietf-pkix-certpathbuild-01.txt
Index(es):
- Date
- Thread