idnits 2.17.1 draft-ietf-lamps-rfc7299-update-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (7 October 2021) is 922 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group R. Housley 3 Internet-Draft Vigil Security 4 Updates: 7299 (if approved) 7 October 2021 5 Intended status: Informational 6 Expires: 10 April 2022 8 Update to the Object Identifier Registry for the PKIX Working Group 9 draft-ietf-lamps-rfc7299-update-02 11 Abstract 13 RFC 7299 describes the object identifiers that were assigned by 14 Public-Key Infrastructure using X.509 (PKIX) Working Group in an arc 15 that was allocated by IANA (1.3.6.1.5.5.7). A small number of object 16 identifiers that were assigned in RFC 4212 are omitted from RFC 7299, 17 and this document updates RFC 7299 to correct that oversight. 19 Status of This Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at https://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on 10 April 2022. 36 Copyright Notice 38 Copyright (c) 2021 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 43 license-info) in effect on the date of publication of this document. 44 Please review these documents carefully, as they describe your rights 45 and restrictions with respect to this document. Code Components 46 extracted from this document must include Simplified BSD License text 47 as described in Section 4.e of the Trust Legal Provisions and are 48 provided without warranty as described in the Simplified BSD License. 50 Table of Contents 52 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 53 2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 2 54 2.1. "SMI Security for PKIX CRMF Registration Controls for 55 Alternate Certificate Formats" Registry . . . . . . . . . 2 56 3. Security Considerations . . . . . . . . . . . . . . . . . . . 3 57 4. References . . . . . . . . . . . . . . . . . . . . . . . . . 3 58 4.1. Normative References . . . . . . . . . . . . . . . . . . 3 59 4.2. Informative References . . . . . . . . . . . . . . . . . 3 60 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 4 62 1. Introduction 64 When the Public-Key Infrastructure using X.509 (PKIX) Working Group 65 was chartered, an object identifier arc was allocated by IANA for use 66 by that working group. After the PKIX Working Group was closed, 67 [RFC7299] was published to describe the object identifiers that were 68 assigned in that arc. A small number of object identifiers that were 69 assigned in RFC 4212 [RFC4212] are not included in RFC 7299, and this 70 document corrects that oversight. 72 The PKIX Certificate Management Protocol (CMP) [RFC4210] allocated 73 id-regCtrl-altCertTemplate (1.3.6.1.5.5.7.5.1.7), and then two object 74 identifiers were assigned within that arc [RFC4212], which were 75 intended to be used with either PKIX CMP [RFC4210] or PKIX 76 Certificate Management over CMS (CMC) [RFC5272] [RFC5273] [RFC5274] 77 [RFC6402]. 79 This document describes the object identifiers that were assigned in 80 that arc, established an IANA registry for that arc, and establishes 81 IANA allocation policies for any future assignments within that arc. 83 2. IANA Considerations 85 IANA is asked to create one additional registry table. 87 2.1. "SMI Security for PKIX CRMF Registration Controls for Alternate 88 Certificate Formats" Registry 90 Within the SMI-numbers registry, an "SMI Security for PKIX CRMF 91 Registration Controls for Alternate Certificate Formats 92 (1.3.6.1.5.5.7.5.1.7)" table with three columns has been added: 94 Decimal Description References 95 ------- ------------------------------ ---------- 96 1 id-acTemplate [RFC4212] 97 2 id-openPGPCertTemplateExt [RFC4212] 99 Future updates to the registry table are to be made according to the 100 Specification Required policy as defined in [RFC8126]. The expert is 101 expected to ensure that any new values are strongly related to the 102 work that was done by the PKIX Working Group. In particular, 103 additional object identifiers should be needed for use with either 104 the PKIX CMP or PKIX CMC to support alternative certificate formats. 105 Object identifiers for other purposes should not be assigned in this 106 arc. 108 3. Security Considerations 110 This document populates an IANA registry, and it raises no new 111 security considerations. The protocols that specify these values 112 include the security considerations associated with their usage. 114 4. References 116 4.1. Normative References 118 [RFC7299] Housley, R., "Object Identifier Registry for the PKIX 119 Working Group", RFC 7299, DOI 10.17487/RFC7299, July 2014, 120 . 122 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 123 Writing an IANA Considerations Section in RFCs", BCP 26, 124 RFC 8126, DOI 10.17487/RFC8126, June 2017, 125 . 127 4.2. Informative References 129 [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen, 130 "Internet X.509 Public Key Infrastructure Certificate 131 Management Protocol (CMP)", RFC 4210, 132 DOI 10.17487/RFC4210, September 2005, 133 . 135 [RFC4212] Blinov, M. and C. Adams, "Alternative Certificate Formats 136 for the Public-Key Infrastructure Using X.509 (PKIX) 137 Certificate Management Protocols", RFC 4212, 138 DOI 10.17487/RFC4212, October 2005, 139 . 141 [RFC5272] Schaad, J. and M. Myers, "Certificate Management over CMS 142 (CMC)", RFC 5272, DOI 10.17487/RFC5272, June 2008, 143 . 145 [RFC5273] Schaad, J. and M. Myers, "Certificate Management over CMS 146 (CMC): Transport Protocols", RFC 5273, 147 DOI 10.17487/RFC5273, June 2008, 148 . 150 [RFC5274] Schaad, J. and M. Myers, "Certificate Management Messages 151 over CMS (CMC): Compliance Requirements", RFC 5274, 152 DOI 10.17487/RFC5274, June 2008, 153 . 155 [RFC6402] Schaad, J., "Certificate Management over CMS (CMC) 156 Updates", RFC 6402, DOI 10.17487/RFC6402, November 2011, 157 . 159 Author's Address 161 Russ Housley 162 Vigil Security, LLC 163 516 Dranesville Road 164 Herndon, VA, 20170 165 United States of America 167 Email: housley@vigilsec.com