
Re: PKCS#7 in PKIX-3



Peter:

> My observation that an *unbundled* protection envelope (which encapsulates 
> std information objects, rather than protects inner types) be the basis
> of the design is founded on such observation of the success of the above 
> approach in which componentware from multiple sources were bundled by the 
> customers without third-party invention, yet all parties in a statically
> configured certification system could agree the actual basis for technical 
> interworking and system msg flow with minimal effort, complete control
> over local security policy maintained in the hands of the procurer, and 
> selection from multiple sources of equivalent product/toolkit/protection 
> technology based on price, availability, and other value-adds etc.

I think that we are near consensus on this point.  A single 
encapsulation mechanism would be ideal.  PKIX Part 3 contains one 
suggestion, and PKCS #7 contains another.  Carlisle provided an 
analysis for the PKIX Part 3 approach.  PKCS #7 has a market 
share that should not be ignored, and the specification is open 
for review and update.  Further, RSA has agreed to work with the 
IETF on the PKCS "standards" and give configuration control to 
the IETF where standards track RFCs result.

So, how does the group want to proceed?

Russ