Re: PKCS#7 in PKIX-3
From observation of many prior standardization activities, I suggest that
solutions built by incrementally advancing existing, accepted,
well-understood solutions have been far more successful than attempts to
define something totally new, even if the latter was technically superior.
I believe this same feeling was supported by strong consensus in the San
Jose PKIX meeting. If PKCS#7 satisfies requirements for many people, and
some incremental extensions to PKCS#7 would satisfy requirements for
everyone, then this is clearly far more likely to be accepted as a standard
than a totally new invention such as the proposal in the December I-D.
I would hate to see us use up scarce resources on a new protocol which lacks
broad buy-in from day one.
I would appreciate hearing opinions from other members of the list.
Warwick
At 12:08 PM 1/27/97, you wrote:
>
>Peter:
>
>> My observation that an *unbundled* protection envelope (which encapsulates
>> std information objects, rather than protects inner types) be the basis
>> of the design is founded on such observation of the success of the above
>> approach in which componentware from multiple sources were bundled by the
>> customers without third-party invention, yet all parties in a statically
>> configured certification system could agree the actual basis for technical
>> interworking and system msg flow with minimal effort, complete control
>> over local security policy maintained in the hands of the procurer, and
>> selection from multiple sources of equivalent product/toolkit/protection
>> technology based on price, availability, and other value-adds etc.
>
>I think that we are near consensus on this point. A single
>encapsulation mechanism would be ideal. PKIX Part 3 contains one
>suggestion, and PKCS #7 contains another. Carlisle provided an
>analysis for the PKIX Part 3 approach. PKCS #7 has a market
>share that should not be ignored, and the specification is open
>for review and update. Further, RSA has agreed to work with the
>IETF on the PKCS "standards" and give configuration control to
>the IETF where standards track RFCs result.
>
>So, how does the group want to proceed?
>
>Russ
>
>
---------------------------------------------------------------------
Warwick Ford, VeriSign, Inc., One Alewife Center, Cambridge, MA 02140
wford@verisign.com; Tel: (617)492 2816 x225; Fax: (617)661 0716
---------------------------------------------------------------------