
Re: LAST CALL: draft-ietf-pkix-cmc-05.txt



David> "Half-baked protocols" is pretty strong language. The CMP

Indeed, this is certainly not the case with CMP as the interop has shown.

David> 1) errors in the protocol, which would prevent a single compliant
    implementation from functioning correctly,

The only one we have come across is the one John Wray identified and I
posted to the list about the CMP over TCP protocol. This is a trivial
change and an implementation may not even notice a problem. In any case
the other transports are fine (we think).

David> 2) ambiguities in the protocol, in which two compliant
    implementations would not necessarily interoperate, and

There are certainly some ambiguities but I'm not even sure we need to rev
the RFC for these (I may be wrong). A BCP might be in order, I'm not sure.

David> 3) errors or omissions in the implementations which cause
    them to be non-compliant with the protocol specifications as written.

There were, of course, a few of these. IMPLICIT/EXPLICIT, so it goes.

David> Identifying and correcting instances of 2) is clearly one of the
David> functions of the IETF standards track.

I believe we are taking the approach in the interops that corrections go
into 2510 (there aren't many) and clarifications go into an informational
or BCP RFC which will be the final version of Bob's ID.

David> adopters in not feeling like guinea pigs? If your boss tells you to
David> implement a prototype (as a vendor) or pilot (as a user), your
David> choice is to ignore him and do nothing until there is a Standard,
David> or implement the specifications that are available. If you are an
David> early adopter, you are a guinea pig, whether you adopt an
David> Experimental RFC or a Proposed Standard RFC.

I strongly agree with this. This is reinforced by the fact that it is
harder (though not impossible) to rev a PS than an ID. It means that
implementors can be reasonably sure of keeping most of their code base and
still have something ready when full standard status is reached.

cheers,

Keith