[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Yes, and remove more of the alphabet from the PKIX soup
I am trying to understand the relationship between the various
certificate enrollment protocols and came across this archived
email thread.
Since then, CMP is going to RFC, CMMC seems to be
going away, and CMC work continues. Correct?
So can someone with experience in each of these please
summarize the merits of each?
Is CMC a follow-on to CMP and intended to improve some
deficiencies, or are they competing protocols.
Thanks in advance,
Eric Bomarsi
======================================================
To: ietf-pkix@imc.org
Subject: RE: Yes, and remove more of the alphabet from the PKIX soup (Was: RE: Can we now kill
CMMF?)
From: Warwick Ford <WFord@verisign.com>
Date: Fri, 18 Dec 1998 12:49:16 -0800
Sender: owner-ietf-pkix@imc.org
I think we all want to see the document structure rationalized, but I would
not want that objective to destabilize completion of the protocol specs. I
see it as follows: CMP and CRMF are (virtually) Proposed Standards now, and
we do not want to disturb them. In their next iteration, we could certainly
consider folding CRMF into the CMP spec. CMC has done the right thing in
eliminating its dependence on CMMC, so we are probably now able to drop CMMC
as Al proposed. It is OK for CMC to reference CRMF for now; but the CMC
authors might consider folding in CRMF as well at some stage -- maybe a
future iteration, to be sure such a move does not disrupt publication of the
first CMC Proposed Draft. However, it would not be helpful to try to merge
CMP and CMC at this stage -- this is something we can look at later on, in
the light of experience in implementing these protocols.
Warwick
> -----Original Message-----
> From: Aram Perez [mailto:aram@apple.com]
> Sent: Friday, December 18, 1998 10:35 AM
> To: ietf-pkix@imc.org
> Subject: Re: Yes, and remove more of the alphabet from the PKIX soup
> (Was: RE: Can we now kill CMMF?)
>
>
> I like Bill suggestion. Less documentation is better (KISS ;-)
>
> Aram Perez
> Apple Computer, Inc.
>
> >Folks,
> >
> > 1. I second Al's motion!
> >
> > 2. Now, let's start working on reducing some more of this PKIX
> >alphabet-soup nonsense.
> >
> > 3. Prime candidates would seem to include (for now) CRMF, CMP, and
> >CMC. All can/should be rolled into one document.
> >
> > 4. Since CMC is essentially a superset of CMMF and CRMF, the latter
> >two can/should be collapsed into the former.
> >
> > 5. Since CMP and CMC/CMMF/CRMF are essentially supersets of one
> >another, one can/should be collapsed into the other.
> >
> > 6. Since CMC/CMMF/CRMF is of more recent vintage, and currently
> >under very active and broad-based discussion, it will likely
> reflect many
> >new lessons learned (especially from the real world of
> registration), and
> >ipso facto obsolete CMP.
> >
> > 7. So why not cut to the chase and collapse CMP into CMC/CMMF/CRMF
> >now?
> >
> > 8. This will leave us with one, combined, substantially-revised,
> >updated, integrated, and thoroughly-scrubbed document: the
> "new CMC".
> >One-stop shopping for implementers! Interoperability
> nirvana at long last!
> >
> > Comments?
> >
> >Bill
> >
> >%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
> >William F. Flanigan, Jr., Ph.D. Voice: (703) 681-2318
> >Defense Information Systems Agency Fax: (703)
> 681-2814
> >Information Assurance Office (JED) DSN:
> 761
> >5600 Columbia Pike, Room 632 Voice Mail: (703)
> 681-2318
> >Falls Church, VA 22041-2717 Internet: <flanigab@ncr.disa.mil>
> >%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
> >
> >
> >
> >> -----Original Message-----
> >> From: Al Arsenault [SMTP:aarsenault@spyrus.com]
> >> Sent: Wednesday, November 18, 1998 7:47 AM
> >> To: ietf-pkix@imc.org
> >> Subject: Can we now kill CMMF?
> >>
> > [snip]
> >
> >> So - I suggest that we now kill the CMMF document, as it
> serves no useful
> >> purpose.