[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: For your consideration: TAMP and CCC

To: Russ Housley <housley@xxxxxxxxxxxx>
Subject: Re: For your consideration: TAMP and CCC
From: Stephen Farrell <stephen.farrell@xxxxxxxxx>
Date: Thu, 04 Oct 2007 18:19:39 +0100
Cc: ietf-trust-anchor@xxxxxxxx
In-reply-to: <200710041635.l94GZBFG026018@xxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.vpnc.org/ietf-trust-anchor/mail-archive/>
List-id: <ietf-trust-anchor.vpnc.org>
List-unsubscribe: <mailto:ietf-trust-anchor-request@vpnc.org?body=unsubscribe>
References: <200710041635.l94GZBFG026018@xxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-trust-anchor@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)



Thanks Russ,

I think that those should provide excellent material to move
discussions on the list along. (Mind you, at 91 pages, it might
take a while to digest;-)

Cheers,
Stephen.

Russ Housley wrote:

The Trust Anchor Management Protocol (TAMP) specification has beensubmitted for your consideration. The draft was developed primarily tosupport trust anchor management for cryptographic modules with anassumption that the module would manage a single trust anchor store. Assuch, there are some aspects of the specification that are out ofalignment with the direction that this group seems to be taking.Specific items that are likely to change include the following:
- Throughout the draft, the term "cryptographic module" can often beread as "trust anchor store". If I understand the direction of thegroup, then a focus on the trust anchor store is more appropriate.
- Messages are targeted using hardware-centric names. I think thisapproach is one that ought to be supported, but there are probablyothers. At a minimum we should consider multiple trust anchor stores onthe same device.
- The mail list has discussed trust anchor types, but this draft definesa structure for trust anchors that are used in the validation of X.509certification paths and signatures on CMS objects that are directlysigned by the trust anchor. At a minimum, I think that it isimportant to add a hook for other trust anchor types.
Additionally, some changes are planned for the section that describesthe processing of TAMPUpdate messages. Additional language describingpath processing in support of TAMP update processing will be added andthe CertPathControls feature will be subject to subordination rules.
The TAMP draft is accompanied by another draft: Cryptographic MessageSyntax (CMS) Content Constraints X.509 Certificate Extension (CCC). TheCCC draft defines a certificate extension to handle delegation ofprivileges expressed in TAMP via the TrustAnchorUsage type. Thiscertificate extension is used to determine whether the public key in anX.509 public key certificate is appropriate to use in the processing ofa CMS-protected content.
The drafts are available at these locations:
http <http://www.ietf.org/internet-drafts/draft-housley-tamp-00.txt>://www.ietf.org/internet-drafts/draft-housley-tamp-00.txt<http://www.ietf.org/internet-drafts/draft-housley-tamp-00.txt>http://www.ietf.org/internet-drafts/draft-housley-cms-content-constraints-extn-00.txt

References:
- For your consideration: TAMP and CCC
  - From: Russ Housley

Prev by Date: For your consideration: TAMP and CCC
Previous by thread: For your consideration: TAMP and CCC
Index(es):
- Date
- Thread