Re: Last Call (CMP proof-of-possession)
> From: "Peter Williams" <peter@verisign.com>
>
> I judge things at 4 = 4 actually. One can throw in the authors
> and bias the count, I suppose. But perhaps that is not fair
> as they represented the comments and consensus, not their own
> opinions.
>
> But this posturing is puerile. The material arguments were made last time
> we debated this issue and came to a consensus represented
> by the next several versions of the draft.
Achieving "rough consensus" is puerile? Following IETF procedure for
working group Last Call is improper?
The consensus that was reached was that the PKIX documents were dragging
on for far too long in Internet Draft stage. I was present at the meeting
where the change was made, and I believe that the document editor will
confirm that the RECOMMENDED wording was inserted not because consensus
was achieved on the merits, but out of a desire to avoid a filibuster
by a small number of individuals.
By my count, the Last Call tally is:
REQUIRED                              RECOMMENDED                                     Unknown
--------                              -----------                                     ----------
Kemp                                  Williams                                        Shuttleworth
Beattie                               Povey                                           Simonetti
Lockhart                              mfSmith                                         mfSmith (req'd for initial, rec'd for reissue)
Parker                                Warner (not strongly opposed to required PoP)
Housley
Jueneman
Lowry
Pinkas (qualified "by other means")
Arsenault
That's a pretty solid consensus, and that doesn't include those who
might be expected to strengthen it further. Counting the document
editor(s) is "biasing" the vote??? The duty of an editor is to reflect
WG decisions in the document, but should that invalidate the editors'
rights to participate in those decisions by expressing their own opinions?
> What **new** issue is there to discuss which was
> not discussed last time, which would give
> a valid rationale for a change in the document back
> to the previous position?
The issue is that IETF procedure requires Working Group Last Calls to
last for a finite period of time, generally four weeks. After that period,
a decision is reached one way or another. With "rough consensus" or better,
the document will reflect that consensus. If opinion is "halved" (to
use Ryder Cup terminology), the status quo is preserved.
-----------------------------
We are all agreed that policy issues are properly addressed in
individual CAs' Certification Practice Statements, as framed
by Part 4.
But most people (as counted above) believe that Proof of Possession is
not a policy issue, it is a fundamental component of any meaningful
Public Key Infrastructure. You might as well argue that the use of
digital signatures on certificates is a policy issue - that CAs should
be free to set their own policy on whether certs are signed, as long
as that policy is described in the CPS.
To clarify the questions raised by the straw poll respondents, here
is a restatement of the question:
"If Certificate Management Protocol messages are used to issue
certificates, then Proof-of-Possession is REQUIRED to be demonstrated
by the sender and checked by the recipient of those messages."
This acknowledges that PKI management functions will often be accomplished
by means other than CMP messages, such as other protocols, out-of-band
procedures, or physical delivery of tokens. In these non-CMP scenarios,
the procedures followed by the CA, including assurance "by other means"
that the certified end entity can use the private key, should be
documented in the CPS.
But in scenarios where CMP messages are used, the CPS can be simplified
by claiming that Proof of Possession is demonstrated "in accordance with
the Certificate Management Protocol", augmented with a description
of the scheme ("centralized", "basic authenticated", other)
and the algorithms used.
I'll repeat the question that Peter dodged: does making PoP REQUIRED
in the case where CMP messages are used negatively impact any usage
scenarios?
The only negative consequence brought up so far was Michael Warner's
granting of power of attorney, in which he said requiring PoP would
"make some things a little more inconvenient". Others thought that
this usage (intentionally issuing certs to non-keyholders) was a
Bad Idea.