[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: CMP message format. A naive question
Hi Michael,
Which of the three questions in your e-mail was the "naive question"
referred to in the title? :-)
> ----------
> From: Michael Zolotarev[SMTP:mzolotarev@baltimore.com.au]
> Reply To: mzolotarev@baltimore.com.au
> Sent: Wednesday, April 07, 1999 10:03 PM
> To: 'PKIX mailing group'
> Subject: CMP message format. A naive question
>
> The CMP message format can be very appropriately used for
> non-cert-related
> PKI services, such as TimeStamping, AttributeCertificates, DCS etc
>
>
> Q1. Are there any reasons (technical, patent-related, religious,...) why
> the CMP message structure can not or should not be used for non-CMP PKI
> services?
There are no reasons of which I am aware. In fact, the original intent was
for this message structure to be generally useful to PKIX (rather than
specific to CMP), which is why we called it "PKIMessage".
> Q2. If the CMP format can be legitimately used for non-certificate
> management protocol operations, then what would be the IDs for the new
> PKIBody content? Has anybody sorted out or reserved the IDs above [23]?
Nobody has mentioned / proposed using numbers above 23 to me. I therefore
assume that such numbers are available for use within this message
structure.
> Q3. What would be the name to use, when it is not a Cert Mgm Prot-related
> message any longer?. "Generic PKI Message Format" (GPMF)?
Finding satisfactory names for things is sometimes the easiest, and
sometimes the most difficult, part of such an exercise. Perhaps coming up
with concrete proposals for other PKIBody contents first would be
preferable. :-)
As one example, now that PKIX is officially chartered to look at Attribute
Certificates, the group may want to consider defining PKIBody contents to
request that an Attribute Authority issue an AC containing some specific
privileges, and to carry the appropriate response.
Carlisle.