[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt

Subject: Re: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
From: Samu Varjonen <samu.varjonen at hiit.fi>
Date: Mon, 26 Oct 2009 13:31:53 +0200
Cc: hipsec at ietf.org
Delivered-to: hipsec at core3.amsl.com
In-reply-to: <20091026103001.EED8F3A687C at core3.amsl.com>
List-archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-help: <mailto:hipsec-request@ietf.org?subject=help>
List-id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-post: <mailto:hipsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
References: <20091026103001.EED8F3A687C at core3.amsl.com>
User-agent: Thunderbird 2.0.0.23 (X11/20090817)

Hi,

This is the new version of the HIP certificates.

Modifications include:
- Editorial changes according to the discussions on the mailing list.
- Added new types for DN and LDAP URL
- Added signaling discussion and reference to the heer-hip-service-00

Open questions:

1. Should signaling be defined specifically for hip-cert?

Seems like overlapping work because hip-service already defines ageneric way to signal the requirements and failures but it is individualsubmission.


2. Should hip-service be adopted as WG item and handled in bundle with
  hip-cert?

Because the signaling is needed for the hosts to signal the need for acertificate or for a chain of certificates. But referencing hip-servicecannot be done unless its taken forward at the same pace.


3. Or should the hip-cert be more generic?

Then hip-cert would be about just the parameter and the signaling ofrequirements and failures would be left to other documents such aship-service to handle (but which would progress on its own pace).


4. Gathering use case scenarios and adding examples to the draft?

5. Add new examples?

If something seems to be missing or off. Please, inform me.

Comments are welcome as usual.

BR,
Samu Varjonen

Internet-Drafts at ietf.org wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Host Identity Protocol Working Group of the IETF.


	Title           : HIP Certificates
	Author(s)       : T. Heer, S. Varjonen
	Filename        : draft-ietf-hip-cert-02.txt
	Pages           : 10
	Date            : 2009-10-26

This document specifies a certificate parameter called CERT for the
Host Identity Protocol (HIP).  The CERT parameter is a container for
X.509.v3 certificates and for Simple Public Key Infrastructure (SPKI)
certificates.  It is used for carrying these certificates in HIP
control packets.  Additionally, this document specifies the
representations of Host Identity Tags in X.509.v3 and in SPKI
certificates.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-hip-cert-02.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.


------------------------------------------------------------------------

_______________________________________________
Hipsec mailing list
Hipsec at ietf.org
https://www.ietf.org/mailman/listinfo/hipsec

Follow-Ups:
- Re: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
  - From: Mattes, David
- Re: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
  - From: Miika Komu

References:
- [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
  - From: Internet-Drafts

Prev by Date: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
Next by Date: Re: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
Previous by thread: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
Next by thread: Re: [Hipsec] I-D Action:draft-ietf-hip-cert-02.txt
Index(es):
- Date
- Thread