Re: Time Stamp and Notary Drafts
Yes, I have a couple of questions and a few remarks.
Regarding the nonce field in timestamp requests and responses: the draft
says (at page X) that the TSA must include the same nonce value the
requestor specified in his request, in case he did. But how is the TSA going
to determine that the requestor did specify a nonce value? I can imagine two
possible answers: either the nonce field is OPTIONAL in the TimeStampReq,
too (and not only in the response), or a "blank" value is established by
convention (e.g. zero).
Regarding the timestamp response (token): would not it be useful to include
a pointer to an on-line repository, supposed to be run by the TSA, where all
tokens are held and made available to everyone for browsing and downloading?
Remarks. The draft should make use, IMO, of the usual keywords (in
all-uppercase) indicating requirement levels (MUST, MUST NOT, SHOULD, etc.)
as per RFC 2119. A more elaborate explanation of how to interpret the
reqPolicy field and some real-world scenarios would also be helpful.
Regards.
Adriano Santoni
__________________________________________
Ing. Adriano Santoni
Direzione Rete - Servizio Progettazione Rete Logica
Società Interbancaria per l'Automazione - SIA S.p.A.
Viale Certosa, 218 - I-20156 Milano
Vox: +39 2 3005 277
Fax: +39 2 38003333
Plain email: santoni@sia.it
S/MIME email: asantoni@sia.it
Website: http://www.sia.it
> -----Original Message-----
> From: Robert Zuccherato [SMTP:robert.zuccherato@entrust.com]
> Sent: Monday, 28 September 1998 18:37
> To: 'ietf-pkix@imc.org'
> Subject: Time Stamp and Notary Drafts
>
> As some of you may have noticed, I have submitted the latest versions of
> our Time Stamp and Data Certification Server drafts as PKIX Internet
> Drafts, in accordance with the decisions made in Chicago. These drafts are
> based on the drafts that we have been submitting independently on these
> topics for some time now and reporting to PKIX on their progress.
>
> The Time Stamp Draft describes a protocol in which a trusted Time Stamp
> Authority provides evidence that a message existed at a particular point
> in time. It is available at:
> http://www.ietf.org/internet-drafts/draft-ietf-pkix-time-stamp-00.txt
>
> The Data Certification Server provides "notary" type services (signature
> validation, certificate path validation) in support of non-repudiation.
> This draft is available at:
> http://www.ietf.org/internet-drafts/draft-ietf-pkix-dcs-00.txt
>
> As usual, comments are welcome.
>
> Robert Zuccherato.
>