Presentation is loading. Please wait.

Presentation is loading. Please wait.

3280bis David Cooper. Changes Since Draft 02 ● Section 1 (Introduction): Replaced text highlighting changes between RFC 2459 and 3280 with text highlighting.

Published byPrudence Hopkins Modified over 9 years ago

Similar presentations

Presentation on theme: "3280bis David Cooper. Changes Since Draft 02 ● Section 1 (Introduction): Replaced text highlighting changes between RFC 2459 and 3280 with text highlighting."— Presentation transcript:

1 3280bis David Cooper

2 Changes Since Draft 02 ● Section 1 (Introduction): Replaced text highlighting changes between RFC 2459 and 3280 with text highlighting changes between RFC 3280 and 3280bis. ● Sections 4.1.2.4 and 4.1.2.6 (issuer and subject): Added text about using TeletexString, BMPString, and UniversalString in names of new CAs and end entities that are joining an existing domain where those encodings are already in use  Alignment with draft-ietf-pkix-cert-utf8-03.txt

3 Changes Since Draft 02 ● Section 4.2.1.12 (Extended Key Usage): Clarified that an application that requires the presence of an EKU extension with a particular OID is not required to accept the presence of anyExtendedKeyUsage as a match. ● Section 6.2 (Using the Path Validation Algorithm): Removed paragraph about extending path validation algorithm to conform to PEM rules.

4 Changes Since Draft 02 ● Added to Security Considerations text about  risks involving different strings with similar visual representations  risk of circular dependencies when using an HTTPS URI in cRLDistributionsPoints, authorityInfoAccess, or subjectInfoAccess extensions. ● Section 7 (Rules for Processing Internationalized Names): Clarified that strings are prepared as “stored” prior to comparison. ● Updated references section.

5 Open Issues ● Should 3280bis forbid conforming CAs from imposing name constraints on the x400Address, ediPartyName, and registeredID name forms? ● Include guidance on handling/avoiding circular dependencies in certificate status checking? ● Escape clause?

Download ppt "3280bis David Cooper. Changes Since Draft 02 ● Section 1 (Introduction): Replaced text highlighting changes between RFC 2459 and 3280 with text highlighting."

Similar presentations

IETF 71 Philadelphia - ENUM IANA Registration of Enumservices: Guide, Template and IANA Considerations draft-ietf-enum-enumservices-guide-08 B. Hoeneisen.

IETF 71 Philadelphia - ENUM IANA Registration of Enumservices: Guide, Template and IANA Considerations draft-ietf-enum-enumservices-guide-08 B. Hoeneisen.
Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Dynamic Symmetric Key Provisioning Protocol (DSKPP)
RPKI Certificate Policy Status Update Stephen Kent.

RPKI Certificate Policy Status Update Stephen Kent.
CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.

CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.
OTP-ValidationService: Summary, Status, and Next Steps OTPS Workshop, February 2006.

OTP-ValidationService: Summary, Status, and Next Steps OTPS Workshop, February 2006.
Copyright © 2003 Colin Perkins SDP Specification Update Colin Perkins

Copyright © 2003 Colin Perkins SDP Specification Update Colin Perkins
RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.

RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.
Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.

Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.
CRL Processing Rules Santosh Chokhani November 2004.

CRL Processing Rules Santosh Chokhani November 2004.
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.

Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
Fed/Ed PKI 2008, June Subject Unique Identifier or Equivalent William A. Weems & Mark B. Jones Academic Technology U. Texas Health Science Center at Houston.

Fed/Ed PKI 2008, June Subject Unique Identifier or Equivalent William A. Weems & Mark B. Jones Academic Technology U. Texas Health Science Center at Houston.
RPKI Validation - Revisited draft-huston-rpki-validation-00.txt Geoff Huston George Michaelson APNIC.

RPKI Validation - Revisited draft-huston-rpki-validation-00.txt Geoff Huston George Michaelson APNIC.
MPKI Interoperability I-D ChangeLog from -01 to -02 Jan 16, 2004 Masaki SHIMAOKA SECOM Trust.net.

MPKI Interoperability I-D ChangeLog from -01 to -02 Jan 16, 2004 Masaki SHIMAOKA SECOM Trust.net.
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Certificate Path Building draft-ietf-pkix-certpathbuild-01.txt Peter Hesse Matt Cooper Yuriy Dzambasow Susan Joseph Richard Nicholas.

Certificate Path Building draft-ietf-pkix-certpathbuild-01.txt Peter Hesse Matt Cooper Yuriy Dzambasow Susan Joseph Richard Nicholas.
Modeling & Designing the Database

Modeling & Designing the Database
MIF API draft-ietf-mif-api-extension-05 Dapeng Liu.

MIF API draft-ietf-mif-api-extension-05 Dapeng Liu.
9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.

9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.
14 May 2002© 2000-02 TrueTrust Ltd1 Privilege Management in X.509(2000) David W Chadwick BSc PhD.

14 May 2002© TrueTrust Ltd1 Privilege Management in X.509(2000) David W Chadwick BSc PhD.
Warranty Certificate Extension draft-ietf-pkix-warranty-extn-01 55 th IETF Meeting November 2002.

Warranty Certificate Extension draft-ietf-pkix-warranty-extn th IETF Meeting November 2002.

Similar presentations

Ads by Google