RE: Yes, and remove more of the alphabet from the PKIX soup
Hello Al/Eric,
IMHO, CMC (needs a much-broader, descriptive name?) appears to be the
"logical successor" to CMP as well as the rest of the PKIX alphabet soup of
somewhat contradictory I-Ds/RFCs. CMP now seems too narrowly focused and
not fully formed. This is to be expected, since CMP drew on the experience
of only a small number of smart folks who had hands-on, post-pilot,
PKI-implementation experience (they were probably the only ones on the
planet at the time!). CMC (or an updated, unified spec) offers the
opportunity for many more folks who now have had hands-on experience with
major PKI implementations (especially with the registration process and
directories) to contribute to a more mature, deconflicted, and homogeneous
protocol that can be implemented by many "flavors" of PKI using
out-of-the-box components without glueware.
Bill
-----Original Message-----
From: Al Arsenault [mailto:aarsenault@spyrus.com]
Sent: Thursday, February 11, 1999 1:21 PM
To: Eric Bomarsi; ietf-pkix@imc.org
Subject: RE: Yes, and remove more of the alphabet from the PKIX soup
Eric,
At 12:23 PM 2/11/99 -0500, Eric Bomarsi wrote:
>I am trying to understand the relationship between the various
>certificate enrollment protocols and came across this archived
>email thread. <snipped>
>
>Since then, CMP is going to RFC, CMMF seems to be
>going away, and CMC work continues. Correct?
>
Correct.
>So can someone with experience in each of these please
>summarize the merits of each?
>
>Is CMC a follow-on to CMP and intended to improve some
>deficiencies, or are they competing protocols?
[snip]
Yes, the two protocols (CMP and CMC) are "competing" with one
another. CMP was created first (it evolved out of the original PKIX-3
document); then CMC (which was originally CRS) was proposed as an
alternative by a group of people who didn't want to deal with the creation
of a new protocol. Vendors generally choose one or the other to implement;
certain vendors (I'll let them speak for themselves) have said publicly
that they're going to support CMC and never implement CMP; other vendors
have made similar commitments to CMP and seem to shun CMC. I'm not aware of
anybody who has made a public commitment to support both, but there might be
somebody.
[snip]
Al Arsenault
[snip]