Cryptographic Message Syntax (CMS) Content Constraints Extension
draft-housley-cms-content-constraints-extn-06
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
06 | (System) | post-migration administrative database adjustment to the No Objection position for Sean Turner |
2010-05-26
|
06 | Cindy Morgan | State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan |
2010-05-26
|
06 | (System) | IANA Action state changed to No IC from In Progress |
2010-05-26
|
06 | (System) | IANA Action state changed to In Progress |
2010-05-26
|
06 | Amy Vezza | IESG state changed to Approved-announcement sent |
2010-05-26
|
06 | Amy Vezza | IESG has approved the document |
2010-05-26
|
06 | Amy Vezza | Closed "Approve" ballot |
2010-05-26
|
06 | Amy Vezza | State Changes to Approved-announcement to be sent from IESG Evaluation - Defer::AD Followup by Amy Vezza |
2010-05-25
|
06 | Sean Turner | [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss by Sean Turner |
2010-05-24
|
06 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2010-05-24
|
06 | (System) | New version available: draft-housley-cms-content-constraints-extn-06.txt |
2010-05-20
|
06 | Cindy Morgan | State Changes to IESG Evaluation - Defer::Revised ID Needed from IESG Evaluation - Defer by Cindy Morgan |
2010-05-20
|
06 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
2010-05-20
|
06 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko |
2010-05-20
|
06 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded by Stewart Bryant |
2010-05-20
|
06 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
2010-05-20
|
06 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel |
2010-05-20
|
06 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded by Gonzalo Camarillo |
2010-05-19
|
06 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded by Ralph Droms |
2010-05-19
|
06 | Sean Turner | [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in … [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in '97, but in PKIX/SMIME New ASN.1 it's '02. 14) Sec 3.1: r/if the certification path is valid for a signed CMS object/if the certification path is valid for a given context. |
2010-05-19
|
06 | Sean Turner | [Ballot discuss] [Updated to remove #1, but added a new #2] 2) Can you provide an alternate grouping in section 4 so the things that … [Ballot discuss] [Updated to remove #1, but added a new #2] 2) Can you provide an alternate grouping in section 4 so the things that are done multiple times are set apart from the thing that is done once per CMS path. I believe this will make things clearer. |
2010-05-19
|
06 | Sean Turner | [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in … [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in '97, but in PKIX/SMIME New ASN.1 it's '02. 14) Sec 3.1: r/if the certification path is valid for a signed CMS object/if the certification path is valid for a given context. |
2010-05-19
|
06 | Sean Turner | [Ballot discuss] [Updated] 1) Can you provide an alternate grouping in section 4 so the things that are done multiple times are set apart from … [Ballot discuss] [Updated] 1) Can you provide an alternate grouping in section 4 so the things that are done multiple times are set apart from the thing that is done once per CMS path. I believe this will make things clearer. |
2010-05-19
|
06 | Sean Turner | [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in … [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in '97, but in PKIX/SMIME New ASN.1 it's '02. 14) Sec 3.1: r/if the certification path is valid for a signed CMS object/if the certification path is valid for a given context. |
2010-05-19
|
06 | Sean Turner | [Ballot discuss] 1) Can you provide an alternate grouping in section 4 so the things that are done multiple times are set apart from the … [Ballot discuss] 1) Can you provide an alternate grouping in section 4 so the things that are done multiple times are set apart from the thing that is done once per CMS path. I believe this will make things clearer. |
2010-05-17
|
06 | Sean Turner | [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in … [Ballot comment] [Updated: Removed original 12. Two new comments.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in '97, but in PKIX/SMIME New ASN.1 it's '02. 14) Sec 3.1: r/if the certification path is valid for a signed CMS object/if the certification path is valid for a given context. |
2010-05-10
|
06 | Sean Turner | [Ballot comment] [Updated: Removed original 12. One new comment.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in … [Ballot comment] [Updated: Removed original 12. One new comment.] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in '97, but in PKIX/SMIME New ASN.1 it's '02. |
2010-05-10
|
06 | Sean Turner | [Ballot comment] [Updated: Removed original 12. One new comments] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in … [Ballot comment] [Updated: Removed original 12. One new comments] Here are my comments on this draft: 13) In this I-D the reference for ASN.1 in '97, but in PKIX/SMIME New ASN.1 it's '02. |
2010-05-10
|
06 | Sean Turner | [Ballot comment] [Updated: Removed original 11. Two new comments] Here are my comments on this draft: 12) Sec 4: r/In such cases, each SignerInfo must … [Ballot comment] [Updated: Removed original 11. Two new comments] Here are my comments on this draft: 12) Sec 4: r/In such cases, each SignerInfo must be processed as if it were the only SignerInfo, and the CMS content constraints must be met in order for that signature to be considered valid./In such cases, each SignerInfo MUST be processed as if it were the only SignerInfo, and the CMS content constraints MUST be met in order for that signature to be considered valid. 13) In this I-D the reference for ASN.1 in '97, but in PKIX/SMIME New ASN.1 it's '02. |
2010-05-10
|
06 | Sean Turner | [Ballot discuss] |
2010-05-08
|
06 | Alexey Melnikov | [Ballot comment] 1. Introduction The CMS SignedData [RFC5652] construct is used to sign many things, including cryptographic module firmware packages [ … [Ballot comment] 1. Introduction The CMS SignedData [RFC5652] construct is used to sign many things, including cryptographic module firmware packages [RFC4108] and certificate management messages [RFC5272]. Similarly, the CMS AuthenticatedData and CMS AuthEnvelopedData constructs provide authentication, which can be affiliated with an originator's static public key. CCC information is conveyed via an extension in a This is the first use of the CCC acronym, so it should be expanded here (not not 2 pagraphs below). certificate or trust anchor object that contains the originator's or signer's public key. Is the extra complexity of having absenceEqualsUnconstrained worth it? |
2010-05-08
|
06 | Alexey Melnikov | [Ballot Position Update] New position, No Objection, has been recorded by Alexey Melnikov |
2010-05-07
|
06 | (System) | Removed from agenda for telechat - 2010-05-06 |
2010-05-04
|
05 | (System) | New version available: draft-housley-cms-content-constraints-extn-05.txt |
2010-05-03
|
06 | Russ Housley | [Ballot Position Update] New position, Recuse, has been recorded by Russ Housley |
2010-05-02
|
06 | Alexey Melnikov | State Changes to IESG Evaluation - Defer from Waiting for AD Go-Ahead by Alexey Melnikov |
2010-04-30
|
06 | Sean Turner | [Ballot comment] [Updated: fixed #ing of comments and added a new last comment] Here are my comments on this draft: 1) Sec 1: r/relying parties … [Ballot comment] [Updated: fixed #ing of comments and added a new last comment] Here are my comments on this draft: 1) Sec 1: r/relying parties MUST ensure/relying parties must ensure 2) Sec 1.2: r/The CMS content constraints mechanism can be used to place limits on the use of the subject public key used key used for .../The CMS content constraints mechanism can be used to place limits on the use of the subject public key used for ... 3) Sec 2 AttrType: r/value must be/value MUST be 4) Sec 3.1: r/If unconstrained, the trust anchor must either include/If unconstrained, the trust anchor MUST either include 5) Sec 3.1: r/trust anchor must have/trust anchor MUST have 6) Sec 3.1: r/processing must still be performed/processing MUST still be performed 7) Sec 3.5: r/then constraints must be checked./then constraints MUST be checked. 8) Sec 4.2: may/MAY X2 9) Sec 4.3: r/checking must be performed/checking MUST be performed 10) A.1 (to make it align with the PKIXASN1 import: OLD: FROM CryptographicMessageSyntax-2009 NEW: FROM -- [SMIMEASN1] CryptographicMessageSyntax-2009 11) Add a reference (same kind as PKIX) for SMIMEASN1: [SMIMEASN1] Hoffman, P. and J. Schaad, "New ASN.1 Modules for SMIME", in progress. 12) Sec 4: r/In such cases, each SignerInfo must be processed as if it were the only SignerInfo, and the CMS content constraints must be met in order for that signature to be considered valid./In such cases, each SignerInfo MUST be processed as if it were the only SignerInfo, and the CMS content constraints MUST be met in order for that signature to be considered valid. |
2010-04-30
|
06 | Sean Turner | [Ballot discuss] This is new: 1) References to [PKIXASN1] and [SMIMEASN1] need to normative. The ASN.1 in these modules is required to implement the module … [Ballot discuss] This is new: 1) References to [PKIXASN1] and [SMIMEASN1] need to normative. The ASN.1 in these modules is required to implement the module found in Annex A. |
2010-04-30
|
06 | Sean Turner | [Ballot Position Update] Position for Sean Turner has been changed to Discuss from No Objection by Sean Turner |
2010-04-27
|
06 | Sean Turner | [Ballot comment] Here are my comments on this draft: 1) Sec 1: r/relying parties MUST ensure/relying parties must ensure 1) Sec 1.2: r/The CMS content … [Ballot comment] Here are my comments on this draft: 1) Sec 1: r/relying parties MUST ensure/relying parties must ensure 1) Sec 1.2: r/The CMS content constraints mechanism can be used to place limits on the use of the subject public key used key used for .../The CMS content constraints mechanism can be used to place limits on the use of the subject public key used for ... 2) Sec 2 AttrType: r/value must be/value MUST be 3) Sec 3.1: r/If unconstrained, the trust anchor must either include/If unconstrained, the trust anchor MUST either include 4) Sec 3.1: r/trust anchor must have/trust anchor MUST have 5) Sec 3.1: r/processing must still be performed/processing MUST still be performed 6) Sec 3.5: r/then constraints must be checked./then constraints MUST be checked. 7) Sec 4.2: may/MAY X2 8) Sec 4.3: r/checking must be performed/checking MUST be performed 9) A.1 (to make it align with the PKIXASN1 import: OLD: FROM CryptographicMessageSyntax-2009 NEW: FROM -- [SMIMEASN1] CryptographicMessageSyntax-2009 10) Add a reference (same kind as PKIX) for SMIMEASN1: [SMIMEASN1] Hoffman, P. and J. Schaad, "New ASN.1 Modules for SMIME", in progress. |
2010-04-27
|
06 | Sean Turner | [Ballot Position Update] New position, No Objection, has been recorded by Sean Turner |
2010-04-26
|
06 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded for Tim Polk |
2010-04-26
|
06 | Tim Polk | Ballot has been issued by Tim Polk |
2010-04-26
|
06 | Tim Polk | Created "Approve" ballot |
2010-04-26
|
06 | Tim Polk | State Change Notice email list have been change to housley@vigilsec.com, cwallace@cygnacom.com, srashmo@radium.ncsc.mil, draft-housley-cms-content-constraints-extn@tools.ietf.org, GBeier@cygnacom.com from housley@vigilsec.com, cwallace@cygnacom.com, srashmo@radium.ncsc.mil, … State Change Notice email list have been change to housley@vigilsec.com, cwallace@cygnacom.com, srashmo@radium.ncsc.mil, draft-housley-cms-content-constraints-extn@tools.ietf.org, GBeier@cygnacom.com from housley@vigilsec.com, cwallace@cygnacom.com, srashmo@radium.ncsc.mil, draft-housley-cms-content-constraints-extn@tools.ietf.org |
2010-04-26
|
06 | Tim Polk | [Note]: 'Geoff Beier <GBeier@cygnacom.com> is the document shepherd' added by Tim Polk |
2010-04-26
|
06 | Tim Polk | Placed on agenda for telechat - 2010-05-06 by Tim Polk |
2010-04-19
|
06 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2010-04-16
|
06 | Amanda Baber | IANA comments: As described in the IANA Considerations section, we understand this document to have NO IANA Actions. |
2010-04-15
|
06 | Sam Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Paul Hoffman. |
2010-03-24
|
06 | Sam Weiler | Request for Last Call review by SECDIR is assigned to Paul Hoffman |
2010-03-24
|
06 | Sam Weiler | Request for Last Call review by SECDIR is assigned to Paul Hoffman |
2010-03-22
|
06 | Amy Vezza | Last call sent |
2010-03-22
|
06 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2010-03-22
|
06 | Tim Polk | Last Call was requested by Tim Polk |
2010-03-22
|
06 | (System) | Ballot writeup text was added |
2010-03-22
|
06 | (System) | Last call text was added |
2010-03-22
|
06 | (System) | Ballot approval text was added |
2010-03-22
|
06 | Tim Polk | State Changes to Last Call Requested from Publication Requested by Tim Polk |
2010-03-22
|
06 | Tim Polk | Intended Status has been changed to Proposed Standard from Informational |
2010-03-22
|
06 | Tim Polk | Note field has been cleared by Tim Polk |
2010-03-22
|
04 | (System) | New version available: draft-housley-cms-content-constraints-extn-04.txt |
2010-03-02
|
06 | Tim Polk | Draft Added by Tim Polk in state Publication Requested |
2010-02-01
|
03 | (System) | New version available: draft-housley-cms-content-constraints-extn-03.txt |
2009-10-20
|
02 | (System) | New version available: draft-housley-cms-content-constraints-extn-02.txt |
2009-09-05
|
06 | (System) | Document has expired |
2009-03-04
|
01 | (System) | New version available: draft-housley-cms-content-constraints-extn-01.txt |
2007-10-04
|
00 | (System) | New version available: draft-housley-cms-content-constraints-extn-00.txt |