idnits 2.17.1 draft-ietf-lamps-rfc7299-update-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (24 September 2021) is 944 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group R. Housley 3 Internet-Draft Vigil Security 4 Updates: 7299 (if approved) 24 September 2021 5 Intended status: Informational 6 Expires: 28 March 2022 8 Update to the Object Identifier Registry for the PKIX Working Group 9 draft-ietf-lamps-rfc7299-update-01 11 Abstract 13 When the Public-Key Infrastructure using X.509 (PKIX) Working Group 14 was chartered, an object identifier arc was allocated by IANA for use 15 by that working group. RFC 7299 describes the object identifiers 16 that were assigned in that arc. A small number of object identifiers 17 that were assigned in RFC 4212 are not included in RFC 7299, and this 18 document corrects that oversight. This document updates RFC 7299. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at https://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on 28 March 2022. 37 Copyright Notice 39 Copyright (c) 2021 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 44 license-info) in effect on the date of publication of this document. 45 Please review these documents carefully, as they describe your rights 46 and restrictions with respect to this document. Code Components 47 extracted from this document must include Simplified BSD License text 48 as described in Section 4.e of the Trust Legal Provisions and are 49 provided without warranty as described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 54 2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 2 55 2.1. "SMI Security for PKIX CRMF Registration Controls for 56 Alternate Certificate Formats" Registry . . . . . . . . . 3 57 3. Security Considerations . . . . . . . . . . . . . . . . . . . 3 58 4. References . . . . . . . . . . . . . . . . . . . . . . . . . 3 59 4.1. Normative References . . . . . . . . . . . . . . . . . . 3 60 4.2. Informative References . . . . . . . . . . . . . . . . . 3 61 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 4 63 1. Introduction 65 When the Public-Key Infrastructure using X.509 (PKIX) Working Group 66 was chartered, an object identifier arc was allocated by IANA for use 67 by that working group. After the PKIX Working Group was closed, 68 [RFC7299] was published to describe the object identifiers that were 69 assigned in that arc. A small number of object identifiers that were 70 assigned in RFC 4212 [RFC4212] are not included in RFC 7299, and this 71 document corrects that oversight. 73 The PKIX Certificate Management Protocol (CMP) [RFC4210] allocated 74 id-regCtrl-altCertTemplate (1.3.6.1.5.5.7.5.1.7), and then two object 75 identifiers were assigned within that arc [RFC4212], which were 76 intended to be used with either PKIX CMP [RFC4210] or PKIX 77 Certificate Management over CMS (CMC) [RFC5272] [RFC5273] [RFC5274] 78 [RFC6402]. 80 This document describes the object identifiers that were assigned in 81 that arc, established an IANA registry for that arc, and establishes 82 IANA allocation policies for any future assignments within that arc. 84 2. IANA Considerations 86 IANA is asked to create one additional registry table. 88 2.1. "SMI Security for PKIX CRMF Registration Controls for Alternate 89 Certificate Formats" Registry 91 Within the SMI-numbers registry, an "SMI Security for PKIX CRMF 92 Registration Controls for Alternate Certificate Formats 93 (1.3.6.1.5.5.7.5.1.7)" table with three columns has been added: 95 Decimal Description References 96 ------- ------------------------------ ---------- 97 1 id-acTemplate [RFC4212] 98 2 id-openPGPCertTemplateExt [RFC4212] 100 Future updates to the registry table are to be made according to the 101 Specification Required policy as defined in [RFC8126]. The expert is 102 expected to ensure that any new values are strongly related to the 103 work that was done by the PKIX Working Group. In particular, 104 additional object identifiers should be needed for use with either 105 the PKIX CMP or PKIX CMC to support alternative certificate formats. 106 Object identifiers for other purposes should not be assigned in this 107 arc. 109 3. Security Considerations 111 This document populates an IANA registry, and it raises no new 112 security considerations. The protocols that specify these values 113 include the security considerations associated with their usage. 115 4. References 117 4.1. Normative References 119 [RFC7299] Housley, R., "Object Identifier Registry for the PKIX 120 Working Group", RFC 7299, DOI 10.17487/RFC7299, July 2014, 121 . 123 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 124 Writing an IANA Considerations Section in RFCs", BCP 26, 125 RFC 8126, DOI 10.17487/RFC8126, June 2017, 126 . 128 4.2. Informative References 130 [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen, 131 "Internet X.509 Public Key Infrastructure Certificate 132 Management Protocol (CMP)", RFC 4210, 133 DOI 10.17487/RFC4210, September 2005, 134 . 136 [RFC4212] Blinov, M. and C. Adams, "Alternative Certificate Formats 137 for the Public-Key Infrastructure Using X.509 (PKIX) 138 Certificate Management Protocols", RFC 4212, 139 DOI 10.17487/RFC4212, October 2005, 140 . 142 [RFC5272] Schaad, J. and M. Myers, "Certificate Management over CMS 143 (CMC)", RFC 5272, DOI 10.17487/RFC5272, June 2008, 144 . 146 [RFC5273] Schaad, J. and M. Myers, "Certificate Management over CMS 147 (CMC): Transport Protocols", RFC 5273, 148 DOI 10.17487/RFC5273, June 2008, 149 . 151 [RFC5274] Schaad, J. and M. Myers, "Certificate Management Messages 152 over CMS (CMC): Compliance Requirements", RFC 5274, 153 DOI 10.17487/RFC5274, June 2008, 154 . 156 [RFC6402] Schaad, J., "Certificate Management over CMS (CMC) 157 Updates", RFC 6402, DOI 10.17487/RFC6402, November 2011, 158 . 160 Author's Address 162 Russ Housley 163 Vigil Security, LLC 164 516 Dranesville Road 165 Herndon, VA, 20170 166 United States of America 168 Email: housley@vigilsec.com