
RE: Time Stamp: tsa field in TSTInfo



Okay, I will make the tsa name optional as well.  However, it MUST be
present if the authenticated attribute from ESS is not included.  I think
that since time stamp tokens will be used as evidence in support of
non-repudiation, there should be some identification of the TSA within the
signed part of the token.

> ----------
> From: 	Denis Pinkas[SMTP:Denis.Pinkas@bull.net]
> Sent: 	Thursday, April 08, 1999 6:16 AM
> To: 	Peter Sylvester
> Cc: 	ietf-pkix@imc.org; jluis@fnmt.es; robert.zuccherato@entrust.com
> Subject: 	Re: Time Stamp: tsa field in TSTInfo
> 
> Peter,
> 
> I concur with your proposal, i.e. use a signed (also called
> "authenticated") attribute from ESS that indicates the certificate used
> by the TSA and suppress the name of the TSA from the signed structure.
> This "useful" attribute is indeed in ESS, not CMS - where it should have
> been. :-(
> 
> Since the verifier will need anyway to get that certificate to verify the
> signature, then, at that time, it will get the name of the TSA.
> 
> Regards,
> 
> Denis
> 
> 
> > >
> > > Actually, I believe that when using CMS only the content (in this case
> > > TSTInfo) is signed along with any authenticated attributes.  Thus, the
> > > distinguishing information for the TSA would not be signed if it was not
> > > included within the TSTInfo structure.
> > If the TST provider wants to surely indicate its identity, one
> > can use an ess signing certificate attribute.
> >
> > This seems preferable to me (if the tendency is to avoid reinventing things).
> >
> > The ess stuff was probably not available at the time when
> > the tst draft was written for the first time.
> >
> >
> > >
> > >       Robert.
> > >
> > > > ----------
> > > > From:       Juan Luis López[SMTP:jluis@fnmt.es]
> > > > Sent:       Wednesday, April 07, 1999 5:25 AM
> > > > To:         pkix
> > > > Subject:    Time Stamp: tsa field in TSTInfo
> > > >
> > > >     Hi everybody!
> > > >
> > > >     I am involved in a Time Stamping project and we are analysing the PKIX
> > > > draft about this subject.
> > > >
> > > >     I would like to give my opinion on an issue to the list:
> > > >     It seems not appropriate to include a field in TSTInfo structure
> > > > related to the tsa identity, i.e. tsa field. I don't find this field
> > > > necessary because it is repeated when using a CMS or PKCS#7 envelope to
> > > > encapsulate the token information. This information would be redundant
> > > > since an identifier distinguishing the given tsa should be present in the
> > > > signerInfo structure.
> > > >
> > > >     So, I recommend the deletion of this field.
> > > >
> > > >     Regards,
> > > >    Juan Luis López
> > > >
> > > >
> > > >
> > > >
> > > > -------------------------------------------------------------------------
> > > > Juan Luis López <jluis@fnmt.es>
> > > > Project Engineer
> > > > http://www.fnmt.es/pkits
> > > > Fábrica Nacional de Moneda y Timbre
> > > > tel: [+34] 91 506 48 40
> > > > fax: [+34] 91 506 48 51
> > > > C/ Juan de Mariana, 17
> > > > E-28045 Madrid, SPAIN
> > > >
> > >
>
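
The rule this thread converges on (TSA identification must sit in the signed part of the token, either as the tsa field in TSTInfo or as the ESS signing certificate attribute) can be sketched as a verifier-side check. This is an added example, not code from any participant in the thread or from the draft; the dict layout, the function names and the sample certificates are assumptions, and it takes the SHA-1 certificate hash from ESS as published in RFC 2634.

```python
import hashlib

class UnboundTSAIdentity(Exception):
    """No TSA identification is covered by the token signature."""

def ess_cert_hash(cert_der: bytes) -> bytes:
    # ESSCertID in RFC 2634 carries the SHA-1 hash of the whole certificate.
    return hashlib.sha1(cert_der).digest()

def signed_tsa_identity(tst_info: dict, signed_attrs: dict, cert: dict):
    """Return (source, name) of the TSA identification the CMS signature covers.

    Assumes the signature over tst_info and signed_attrs was already verified
    with cert["der"]. The signerInfo issuer/serial identifier is deliberately
    not consulted, because it is outside the signed data.
    """
    ess = signed_attrs.get("signingCertificate")
    if ess is not None:
        # The signed hash pins the exact certificate; a substituted one fails.
        if ess["certHash"] != ess_cert_hash(cert["der"]):
            raise UnboundTSAIdentity("verifying certificate is not the one signed over")
        return ("ess", cert["subject"])
    tsa = tst_info.get("tsa")
    if tsa:
        return ("tstinfo", tsa)
    raise UnboundTSAIdentity("neither tsa field nor ESS signing certificate present")

# Constructed sample data: placeholder bytes stand in for DER certificates.
CERT_A = {"der": b"constructed-cert-A", "subject": "CN=Example TSA"}
CERT_B = {"der": b"constructed-cert-B", "subject": "CN=Other Name"}

def demo():
    pinned = {"signingCertificate": {"certHash": ess_cert_hash(CERT_A["der"])}}
    cases = [
        ({"serialNumber": 1}, pinned, CERT_A),                    # ESS attribute, right cert
        ({"serialNumber": 1}, pinned, CERT_B),                    # ESS attribute, swapped cert
        ({"serialNumber": 1, "tsa": "CN=Example TSA"}, {}, CERT_A),  # tsa field only
        ({"serialNumber": 1}, {}, CERT_A),                        # nothing signed identifies the TSA
    ]
    results = []
    for tst, attrs, cert in cases:
        try:
            results.append(signed_tsa_identity(tst, attrs, cert))
        except UnboundTSAIdentity as exc:
            results.append(("rejected", str(exc)))
    return results

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```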