Warranty Certificate Extension draft-ietf-pkix-warranty-extn-01 55th IETF Meeting November 2002.

Presentation transcript:

Warranty Certificate Extension draft-ietf-pkix-warranty-extn-01 55th IETF Meeting November 2002

2 Purpose and use
- Warranty certificate extension is non-critical
- Warranty extension explicitly offers immediate evidence of CA warranty, thereby
  - Enhances confidence to encourage use of certificates
  - Automates this aspect of risk management for RP
- Provides information on the warranty provided:
  - Offers either:
    - Base warranty, or
    - Explicit statement that there is no warranty (NULL)
  - Optionally offers extended warranty

3 Format & Syntax
- ASN.1 id-pe-warrantyData with OID
- Choice: NULL or information on base warranty
- Non-null warranty MUST include base warranty information
- Non-null warranty may include extended warranty
- Warranty period: before/after parameters
- Warranty value: using ISO 4217 currency identifiers
  - amount / (10 ** amtExp10)

4 Warranty Type
- Aggregated (0): claims are fulfilled until a ceiling value is reached; after that, no further claims are fulfilled.
- Per-transaction (1): a ceiling value is imposed on each claim, but each transaction is considered independently.

5 Optional qualifiers
- WarrantyData
  - Extended WarrantyInfo OPTIONAL:
  - Extended warranty information, with period, value and type
- WarrantyData
  - tcURL TermsAndConditionsURL OPTIONAL
  - Terms and conditions pointer: to CP or specific T&C about warranty
    - The pointer is always a URL
    - URL MUST be a non-relative URL
    - MUST follow the URL syntax and encoding rules specified in RFC 1738
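
Added example (not part of the original slides or the draft): a relying-party check over an already-decoded warranty extension, applying the value formula from slide 3, the two warranty types from slide 4 and the tcURL rule from slide 5. The class and field names, the decision strings, and the policy of using the highest applicable ceiling when an extended warranty is present are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from decimal import Decimal
from typing import Optional
from urllib.parse import urlsplit
AGGREGATED, PER_TRANSACTION = 0, 1      # warranty type values from the slides

@dataclass
class WarrantyInfo:                     # hypothetical decoded base/extended warranty
    not_before: datetime
    not_after: datetime
    currency: str                       # ISO 4217 code
    amount: int
    amt_exp10: int
    wtype: int
    def value(self) -> Decimal:
        return Decimal(self.amount).scaleb(-self.amt_exp10)  # amount / 10**amtExp10, exact

@dataclass
class WarrantyData:                     # hypothetical; base=None models the NULL choice
    base: Optional[WarrantyInfo] = None
    extended: Optional[WarrantyInfo] = None
    tc_url: Optional[str] = None

def tc_url_ok(url: str) -> bool:        # non-relative: needs a scheme and a host
    parts = urlsplit(url)
    return bool(parts.scheme and parts.netloc)

def assess(w, txn_amount, currency, when, require_tc=False):
    if w.base is None:
        return "no-warranty"            # CA explicitly states there is none
    if w.tc_url is not None and not tc_url_ok(w.tc_url):
        return "malformed"
    if require_tc and w.tc_url is None:
        return "terms-required"         # local policy: RP wants to read the T&C
    live = [i for i in (w.base, w.extended) if i is not None
            and i.currency == currency and i.not_before <= when <= i.not_after]
    if not live:
        return "outside-warranty"       # expired, not yet valid, or other currency
    best = max(live, key=WarrantyInfo.value)   # assumed policy: highest ceiling
    if Decimal(txn_amount) > best.value():
        return "exceeds-ceiling"
    # An aggregated ceiling may already be used up by other claims: upper bound only.
    return "covered" if best.wtype == PER_TRANSACTION else "covered-at-most"

SAMPLE = WarrantyData(                  # constructed sample: USD 2,500.00 per transaction
    base=WarrantyInfo(datetime(2002, 11, 1, tzinfo=timezone.utc),
                      datetime(2003, 11, 1, tzinfo=timezone.utc),
                      "USD", 250000, 2, PER_TRANSACTION),
    tc_url="https://ca.example/cp/warranty")
```

The distinct `covered-at-most` result reflects that an aggregated warranty tells the relying party the ceiling but not how much of it earlier claims have consumed.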

6 Benefits
- Relying Party:
  - Evidence of a warranty will give the relying party confidence that compensation is possible
  - Risk may be reduced by the presence of a warranty extension with an explicit warranty stated
  - Risk may be reduced by the presence of a warranty extension with NULL
  - Supports automated risk decisions
  - Explicit warranty if harmed by incorrect certificate:
    - Specified maximum
    - Specified validity period
- Subscriber:
  - Potential for greater acceptance of certificate
- CA:
  - Potential to increase certificate acceptance in ecommerce-related applications

7 Issues
- Should the extension be called a “disclaimer of liability” instead of a “warranty”, since the CA is providing warranty only up to a certain point, above which it does not offer a warranty
  - Is this a disclaimer of liability? (half-full vs. half-empty)
- Should tcURL be mandatory?
  - If absent in the extension, then this could imply trust in the CA: The RP trusts the CA - and then, may not need a warranty.
  - If the RP does not trust the CA, then the RP needs to know the T&C - therefore tcURL must be present.
  - OTOH if tcURL is optional, then trust in the extension itself is implied
    - This may be sufficient for the RP, or the RP may go to the T&C.

8 Path forward
- Revise -01 and issue -02, addressing comments received
  - E.g., clarify text re warranty vs. liability
- Issues arising to be resolved via pkix list