RE: Comments on [MANDATORY cert discovery capabiity]

[Russ Housley <housley@xxxxxxxxxx>]

>>On other matters, you may want to clean up fast:-
>>
>>the oids for:-
>>
>>     - Example InfoTypeAndValue contents include, but are not limited to:
>>       --   { CAProtEncCert    = { xx }, Certificate                     }
>>       --   { SignKeyPairTypes = { xx }, SEQUENCE OF AlgorithmIdentifier }
>>       --   { EncKeyPairTypes  = { xx }, SEQUENCE OF AlgorithmIdentifier }
>>       --   { PreferredSymmAlg = { xx }, AlgorithmIdentifier             }
>>       --   { CAKeyUpdateInfo  = { xx }, CAKeyUpdAnnContent              }
>>         --   { CurrentCRL       = { xx }, CertificateList
>
>Probably the fastest way to get numbers reserved here is to assign these
>under the "id-pkix" arc.  I see (from the most recent Part 1 draft) that
>this is defined to be:
>
>   id-pkix  OBJECT IDENTIFIER  ::= 
>      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
>mechanisms(5) pkix(7) }
>
>and that under this, the values 1, 2, 3, and 48 have already been
>assigned.  I hereby propose that we reserve
>{ id-pkix 4 } for "id-pkix-cmp-infoType" and, under this, reserve the
>values 1 through 6 for the examples given above (in the order given).
>
>Are there any objections to this (specifically, has { id-pkix 4 } been
>assigned already for something I didn't notice)?  I see that IANA has
>Russ Housley's name beside "id-pkix".  Russ, does this mean that I can
>simply ask you to reserve these numbers, or do I have to go through IANA
>anyway (from what I understand, I think the former is the case)?

Carlisle:

The IANA has delegated the management of the PKIX Arc to me.  I will gladly
assign the OIDs that you request.  In fact, I will post the current
contents of the registry to the list so that everyone knows the current
state of it.

Russ