Re: Request for well-known URI: est
Peter Saint-Andre <stpeter@stpeter.im> Thu, 15 August 2013 19:23 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: wellknown-uri-review@ietfa.amsl.com
Delivered-To: wellknown-uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6E4E11E80AD for <wellknown-uri-review@ietfa.amsl.com>; Thu, 15 Aug 2013 12:23:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.188
X-Spam-Level:
X-Spam-Status: No, score=-102.188 tagged_above=-999 required=5 tests=[AWL=0.411, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UBk1nclOxw+S for <wellknown-uri-review@ietfa.amsl.com>; Thu, 15 Aug 2013 12:22:57 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 36DCC11E8167 for <wellknown-uri-review@ietf.org>; Thu, 15 Aug 2013 12:22:57 -0700 (PDT)
Received: from ergon.local (unknown [64.101.72.39]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id C831640542; Thu, 15 Aug 2013 13:25:57 -0600 (MDT)
Message-ID: <520D2A8D.3030100@stpeter.im>
Date: Thu, 15 Aug 2013 13:22:53 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130620 Thunderbird/17.0.7
MIME-Version: 1.0
To: Sean Turner <turners@ieca.com>
Subject: Re: Request for well-known URI: est
References: <516D6CC8.6070705@ieca.com>
In-Reply-To: <516D6CC8.6070705@ieca.com>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: apps-ads@tools.ietf.org, wellknown-uri-review@ietf.org, draft-ietf-pkix-est@tools.ietf.org
X-BeenThere: wellknown-uri-review@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Well-Known URI review list <wellknown-uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wellknown-uri-review>, <mailto:wellknown-uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/wellknown-uri-review>
List-Post: <mailto:wellknown-uri-review@ietf.org>
List-Help: <mailto:wellknown-uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wellknown-uri-review>, <mailto:wellknown-uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Aug 2013 19:23:01 -0000
On 4/16/13 9:22 AM, Sean Turner wrote: > Hi wellknown-uri experts! > > I'd like to request a review of registration request for > .well-known/est, which is found in > https://datatracker.ietf.org/doc/draft-ietf-pkix-est/. > > Summary: EST (Enrollment over Secure Transport) is a way for clients to > retrieve PKI-related "stuff" from an EST server. Think posting > enrollment requests (i.e., PKCS#10), getting enrollment responses (i.e., > PKCS#7 certs-only), re-enrollment, CA certificates, etc. > > > A related question, which I'm hoping you might be able to help with: > when specifying the URI bit below our soon-to-be wellknown URI do we > need to specify whether they are case sensitive or not? For example, we > have: > > /.well-known/est/CACerts > > but would that only be the same as the following if we state that it's > case insensitive: > > /.well-known/est/cacerts I know this I-D was just approved for publication, but I have a question about the well-known URI registration. The document registers only the "est" suffix. However, the document itself uses a number of well-known URIs, such as the one that Sean mentioned above: /.well-known/est/cacerts And so on: /.well-known/est/csrattrs /.well-known/est/simpleenroll [etc.] By my reading of RFC 5785, each well-known URI would need to be registered separately. However, in a later reply within this thread (which I don't have archived in my mail client), Mark Nottingham said the following (seemingly as the designed expert for this registry): "Each well-known controls the name space "below" it, so you can do what you like there (within the constraints of URIs)." http://www.ietf.org/mail-archive/web/wellknown-uri-review/current/msg00082.html RFC 5785 says: Applications that wish to mint new well-known URIs MUST register them, following the procedures in Section 5.1. For example, if an application registers the name 'example', the corresponding well-known URI on 'http://www.example.com/' would be 'http://www.example.com/.well-known/example'. RFC 5785 does *not* say: For example, if an application registers the name 'example' then the corresponding well-known URIs on 'http://www.example.com' would be any URI starting with 'http://www.example.com/.well-known/example', such as 'http://www.example.com/.well-known/example-foo' or 'http://www.example.com/.well-known/example/foo' or 'http://www.example.com/.well-known/example/foo/bar' IMHO clarification would be helpful here. Peter -- Peter Saint-Andre https://stpeter.im/
- Request for well-known URI: est Sean Turner
- Re: Request for well-known URI: est Barry Leiba
- Re: Request for well-known URI: est Sean Turner
- Re: Request for well-known URI: est Barry Leiba
- Re: Request for well-known URI: est Max Pritikin (pritikin)
- Re: Request for well-known URI: est Max Pritikin (pritikin)
- Re: Request for well-known URI: est Mark Nottingham
- Re: Request for well-known URI: est Max Pritikin (pritikin)
- Re: Request for well-known URI: est Sean Turner
- Re: Request for well-known URI: est Peter Saint-Andre
- Re: Request for well-known URI: est Max Pritikin (pritikin)
- Re: Request for well-known URI: est Peter Saint-Andre
- Re: Request for well-known URI: est Peter Saint-Andre
- Re: Request for well-known URI: est Peter Saint-Andre
- Re: Request for well-known URI: est Barry Leiba
- Re: Request for well-known URI: est Peter Saint-Andre
- Re: Request for well-known URI: est Barry Leiba
- Re: Request for well-known URI: est Peter Saint-Andre
- Re: Request for well-known URI: est SM
- Re: Request for well-known URI: est Peter Saint-Andre
- Re: Request for well-known URI: est SM
- Re: Request for well-known URI: est Sean Turner
- Re: Request for well-known URI: est Mark Nottingham
- Re: Request for well-known URI: est Mark Nottingham