[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SCVP-01

To: "'Peter Williams'" <peterw@xxxxxxxxxxxx>
Subject: RE: SCVP-01
From: Carlisle Adams <carlisle.adams@xxxxxxxxxxx>
Date: Wed, 1 Sep 1999 18:25:54 -0400
Cc: ietf-pkix@xxxxxxx

Hi Peter,

> ----------
> From: 	Peter Williams[SMTP:peterw@valicert.com]
> Sent: 	Tuesday, August 31, 1999 9:54 AM
> To: 	Alan Lloyd
> Cc: 	ietf-pkix@imc.org
> Subject: 	RE: SCVP-01
 
(...some text deleted...)

> I was disappointed in the Microsoft message: ...
> 
> I was disappointed by the Novell message: ...
> 
> Carlisle's ambiguous message ...
 
What a depressing couple of days you must have had!  How in the world are
you still finding the motivation to get up in the morning?  :-)

> DCS. There was consideration of using DCS as the vehicle
> by which to introduce validation checking into PKIX: we
> were halted in our tracks when the authors required things be
> tied to the ISO NR framework.  Sensibly, Ambarish heeded the
> simplicity goal, and chose not to be tied to a heavy-weight
> concept.  
 
I just looked again at the (off-line) e-mails we exchanged a few months ago
regarding this topic.  Our objections had nothing whatsoever to do with
wanting DCS to be tied to the ISO NR framework.  You and Ambarish suggested
splitting DCS into a base document and multiple smaller documents that
provide details for particular services.  Rob and I thought that although
this sounds great in theory, in practice it tends to be confusing and
ultimately unproductive (and we cited CMP/CRMF/CMMF/CMC as an example that
would loom fresh in PKIX minds).  Our preference was to keep a single
document, essentially structured as-is with its reasonable extension
mechanism for future additional services.  Somehow you took this to mean
that DCS was tied to the non-repudiation framework in a leap of logic that
mystified me then and still mystifies me now.

In any case, our objection to splitting up DCS was not intended to "halt you
in your tracks" and force you to create a different protocol.

> We can recall, that DCS extension can
> easily wrap the SCVP ASN.1 info object and thereby incorporate
> the standard validation protocol into DCS, for the NR-grade
> certificate handling. Presumably, the NR requirements
> will add to SCVP requirements for remote path processing,
> as to-be-specified in the DCS draft.
 
Are you suggesting that if, in fact, DCS is not "tied to the ISO NR
framework" then DCS is a reasonable place to put the SCVP syntax and
functionality?

Carlisle.

Follow-Ups:
- RE: SCVP-01
  - From: Peter Williams

Prev by Date: RE: End-Entity Certificate Policies
Next by Date: RE: New Microsoft cert extension?
Previous by thread: Re: SCVP-01
Next by thread: RE: SCVP-01
Index(es):
- Date
- Thread