Re: [TSP] PKIStatus constants clarification
Denis Pinkas <Denis.Pinkas@bull.net> Thu, 19 December 2002 08:30 UTC
Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA11597 for <pkix-archive@lists.ietf.org>; Thu, 19 Dec 2002 03:30:16 -0500 (EST)
Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id gBJ83iL01140 for ietf-pkix-bks; Thu, 19 Dec 2002 00:03:44 -0800 (PST)
Received: from odin2.bull.net (odin2.bull.net [192.90.70.84]) by above.proper.com (8.11.6/8.11.3) with ESMTP id gBJ83go01136 for <ietf-pkix@imc.org>; Thu, 19 Dec 2002 00:03:42 -0800 (PST)
Received: from clbull.frcl.bull.fr (clbull.frcl.bull.fr [129.182.8.31]) by odin2.bull.net (8.9.3/8.9.3) with ESMTP id JAA08292; Thu, 19 Dec 2002 09:04:55 +0100
Received: from bull.net (frcls4013.frcl.bull.fr [129.182.108.120]) by clbull.frcl.bull.fr (8.9.2/8.9.1) with ESMTP id JAA13854; Thu, 19 Dec 2002 09:03:54 +0100
Message-ID: <3E017D5B.1040509@bull.net>
Date: Thu, 19 Dec 2002 09:03:39 +0100
From: Denis Pinkas <Denis.Pinkas@bull.net>
Organization: Bull SA.
User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0
X-Accept-Language: en-us, en, fr
MIME-Version: 1.0
To: tho <thomas.fossati@tin.it>
CC: ietf-pkix <ietf-pkix@imc.org>
Subject: Re: [TSP] PKIStatus constants clarification
References: <20021218135331.A639@congo.homeunix.net> <3E009B94.2030309@bull.net> <20021218171228.B1173@congo.homeunix.net>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 7bit
Thomas, Michael Aisenberg asked us to go off-line. Well, PKIX is an open discussion list. If a change has to be done on a document, it has to be openly discussed. Now, having said this, Thomas, if my response below on that topic, i.e. PKIStatus constants clarification, does not satisfy you, please go off-line and copy my co-editors. > Denis, > > On Wed, Dec 18, 2002 at 05:00:20PM +0100, Denis Pinkas wrote: > >>>- revocationWarning(4) >>> The text says - pasting from rfc2510 -: "this message contains >>> a warning that a revocation is imminent.". >>> Well, but revocation of what ? >> >>of the TSU certificate. >> >> >>>- revocationNotification(5) >>> Again, revocation of what ? >> >>of the TSU certificate. >> >> >>> Seemingly this could refer to the >>> signing certificate, but how can I tell which certificate is >>> since there is no means to identify it ? >> >> Extract from RFC 3161: " The certificate identifier (ESSCertID) of the >> TSA certificate MUST be included as a signerInfo attribute inside a >> SigningCertificate attribute." > > > rfc3161 says: > > "When the status contains the value zero or one, a TimeStampToken MUST > be present. When status contains a value other than zero or one, a > TimeStampToken MUST NOT be present." > > so in case of rejection(2), waiting(3), revocationWarning(4) and > revocationNotification(5) the client has no ESSCertID back... So what ? It says that the TSU certificate, whatever it is, is either going to be revoked or has been revoked. Denis > Thomas >
- [TSP] PKIStatus constants clarification tho
- Re: [TSP] PKIStatus constants clarification Denis Pinkas
- Re: [TSP] PKIStatus constants clarification tho
- Re: [TSP] PKIStatus constants clarification Denis Pinkas
- Re: [TSP] PKIStatus constants clarification Peter Gutmann
- Re: [TSP] PKIStatus constants clarification tho
- Re: [TSP] PKIStatus constants clarification Peter Sylvester
- Re: [TSP] PKIStatus constants clarification Peter Gutmann