PKIX meeting report

About 42 individuals attended the single PKIX session at the 75th IETF. Four PKIX documents have been approved by the IESG and are awaiting publication. One is entering IETF last call, one is slated for a telechat in 3 weeks, and another has just completed WG last call. Seven other documents are in process in the WG.
The remaining two trust anchor documents will enter WGLC in a few weeks, and software implementing the functionality of these documents will be made available.
Stefan Santesson will take over as editor of RFC 4557bis (OCSP). The revisions will add an extension allowing a client to express algorithm preferences for OCSP responses, and will specify an algorithm for how an OCSP server selects the algorithm to use in signing a response.
Stefan also will act as editor for the update for RFC 3161 (Time Stamping). This RFC will have a minor change made to accommodate ESSv2 cert IDs, to allow use of hash algorithms other than SHA-1. This is consistent with our algorithm agility mandate, and will harmonize this RFC with existing ETSI efforts.
Stefan, completing a hat trick, discussed his I-D on linking images to certs. The intent is to extend RFC 3709 (Logotypes) to allow additional image formats for scalable graphic representation.
The meeting concluded with two non-WG presentations. One, by Stefan, discussed an ongoing technical effort in the EU to reduce ambiguity of distinguished names in X.509 certs. The plan is to use metadata to provide a guide to interpreting DN attributes on a per-CA basis. Steve presented a proposal for relying party management of trust anchors, focusing on the RPKI requirement for such a capability.