Skip to main content

X.509 Certificate General-Purpose Extended Key Usage (EKU) for Document Signing
draft-ietf-lamps-documentsigning-eku-06

Revision differences

Document history

Date Rev. By Action
2022-12-20
06 (System)
Received changes through RFC Editor sync (created alias RFC 9336, changed title to 'X.509 Certificate General-Purpose Extended Key Usage (EKU) for Document Signing', changed …
Received changes through RFC Editor sync (created alias RFC 9336, changed title to 'X.509 Certificate General-Purpose Extended Key Usage (EKU) for Document Signing', changed abstract to 'RFC 5280 specifies several extended key purpose identifiers (KeyPurposeIds) for X.509 certificates.  This document defines a general-purpose Document-Signing KeyPurposeId for inclusion in the Extended Key Usage (EKU) extension of X.509 public key certificates.  Document-Signing applications may require that the EKU extension be present and that a Document-Signing KeyPurposeId be indicated in order for the certificate to be acceptable to that Document-Signing application.', changed standardization level to Proposed Standard, changed state to RFC, added RFC published event at 2022-12-20, changed IESG state to RFC Published)
2022-12-20
06 (System) RFC published
2022-12-12
06 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2022-11-10
06 (System) RFC Editor state changed to AUTH48
2022-11-02
06 (System) RFC Editor state changed to RFC-EDITOR from EDIT
2022-10-05
06 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2022-10-05
06 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2022-10-05
06 (System) IANA Action state changed to In Progress from Waiting on Authors
2022-10-04
06 (System) IANA Action state changed to Waiting on Authors from In Progress
2022-09-29
06 (System) RFC Editor state changed to EDIT
2022-09-29
06 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2022-09-29
06 (System) Announcement was received by RFC Editor
2022-09-29
06 (System) IANA Action state changed to In Progress
2022-09-29
06 Cindy Morgan IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2022-09-29
06 Cindy Morgan IESG has approved the document
2022-09-29
06 Cindy Morgan Closed "Approve" ballot
2022-09-29
06 Cindy Morgan Ballot approval text was generated
2022-09-29
06 Roman Danyliw IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::AD Followup
2022-09-29
06 (System) Removed all action holders (IESG state changed)
2022-09-29
06 (System) Sub state has been changed to AD Followup from Revised ID Needed
2022-09-29
06 Tadahiko Ito New version available: draft-ietf-lamps-documentsigning-eku-06.txt
2022-09-29
06 Sean Turner New version approved
2022-09-29
06 (System) Request for posting confirmation emailed to previous authors: Sean Turner , Tadahiko Ito , Tomofumi Okubo
2022-09-29
06 Tadahiko Ito Uploaded new revision
2022-08-31
05 Barry Leiba Closed request for Last Call review by ARTART with state 'Overtaken by Events': Document has finished IESG processing
2022-08-31
05 Barry Leiba Assignment of request for Last Call review by ARTART to Paul Kyzivat was marked no-response
2022-08-25
05 (System) Changed action holders to Sean Turner, Tomofumi Okubo, Tadahiko Ito (IESG state changed)
2022-08-25
05 Cindy Morgan IESG state changed to Approved-announcement to be sent::Revised I-D Needed from IESG Evaluation
2022-08-25
05 Andrew Alston [Ballot Position Update] New position, No Objection, has been recorded for Andrew Alston
2022-08-25
05 Murray Kucherawy
[Ballot comment]
Section 7 as worded is a little confusing, though I managed to figure out what it's trying to say.  I suggest it get …
[Ballot comment]
Section 7 as worded is a little confusing, though I managed to figure out what it's trying to say.  I suggest it get a once-over before it goes on to the RFC Editor.  If you need some suggested text, I'd be happy to provide some.
2022-08-25
05 Murray Kucherawy [Ballot Position Update] New position, No Objection, has been recorded for Murray Kucherawy
2022-08-24
05 Warren Kumari [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari
2022-08-24
05 John Scudder [Ballot Position Update] New position, No Objection, has been recorded for John Scudder
2022-08-24
05 Amanda Baber IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2022-08-24
05 Zaheduzzaman Sarker [Ballot Position Update] New position, No Objection, has been recorded for Zaheduzzaman Sarker
2022-08-24
05 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2022-08-24
05 Robert Wilton [Ballot Position Update] New position, No Objection, has been recorded for Robert Wilton
2022-08-23
05 Paul Wouters
[Ballot comment]
# Security AD comments for {draft-ietf-lamps-documentsigning-eku-04}
CC @paulwouters

## Comments:

### humans

  The term "Document Signing" in this document refers …
[Ballot comment]
# Security AD comments for {draft-ietf-lamps-documentsigning-eku-04}
CC @paulwouters

## Comments:

### humans

  The term "Document Signing" in this document refers to digitally
  signing contents that are consumed by people.  To be more precise,
  contents are intended to be shown to a person with printable or
  displayable form by means of services or software, rather than
  processed by machines.

Is there a reason to only include human readers and not machines? Why not
leave it to users to decide how to use this?

### key usage vs KU

  The EKU extension can be used in conjunction with the key usage extension

Would it make sense to call that the KU extension, or key usage (KU) extension

### Section 4 humans again

  The signed contents of Internet-Drafts are primarily intended to be
  consumed by people.

### RFCs is people?

What is this "signed contents of Internet-Drafts" ? Should that be "signed
contents of Documents" ?

### single example?

  When a single application has the capability to process various data
  formats, the software may choose to make the excluded and permitted
  decisions separately in accordance with the format it is handling
  (e.g. text, pdf, etc).

Why is this text in the document? It seems kinda out of scope.

### Section 6 allows squatting?

  This general
  document signing KeyPurposeId may be used as a stop-gap for those
  that intend to define their own KeyPurposeId

It seems weird for this document to say "this is for document signing, but hey
go squat on this value for other uses if that's convenient".


## NITS

### Section 1

[RFC5280]  is a broken link

I can't parse: the usage can easily become out of control.

weird use of "-" in:  use. - If the

Paragraph 3 in Section 1 is in its entirety hard to parse.

### Section 3

[RFC5280] is a broken link
2022-08-23
05 Paul Wouters [Ballot Position Update] New position, Yes, has been recorded for Paul Wouters
2022-08-23
05 Lars Eggert
[Ballot comment]
# GEN AD review of draft-ietf-lamps-documentsigning-eku-05

CC @larseggert

Thanks to Dale Worley for the General Area Review Team (Gen-ART) review
(https://mailarchive.ietf.org/arch/msg/gen-art/1T23l8-kN8pEMqnQvh1ir3MsGVw). …
[Ballot comment]
# GEN AD review of draft-ietf-lamps-documentsigning-eku-05

CC @larseggert

Thanks to Dale Worley for the General Area Review Team (Gen-ART) review
(https://mailarchive.ietf.org/arch/msg/gen-art/1T23l8-kN8pEMqnQvh1ir3MsGVw).

## Comments

### Section 4, paragraph 1
```
    The signed contents of Internet-Drafts are primarily intended to be
```
Did you mean "documents" here instead of "Internet-Drafts"?

## Nits

All comments below are about very minor potential issues that you may choose to
address in some way - or ignore - as you see fit. Some were flagged by
automated tools (via https://github.com/larseggert/ietf-reviewtool), so there
will likely be some false positives. There is no need to let me know what you
did with these suggestions.

### Typos

#### Section 1, paragraph 3
```
-    owner but by another vendor, the vender who own the KeyPurposeIds may
-                                        ^
-    not able to control use, or even do not know about the use. - If the
-                                                                -
+    owner but by another vendor, the vendor who own the KeyPurposeIds may
+                                        ^
```

#### Section 4, paragraph 5
```
-      party software proresses each restriction on "Excluded
-                        ^
+      party software processes each restriction on "Excluded
+                        ^
```

### Grammar/style

#### Section 4, paragraph 8
```
the format it is handling (e.g. text, pdf, etc). 5. Implications for a Certif
                                      ^^^
```
File types are normally capitalized.

#### Section 4, paragraph 8
```
ormat it is handling (e.g. text, pdf, etc). 5. Implications for a Certificati
                                      ^^^
```
A period is needed after the abbreviation "etc.".

## Notes

This review is in the ["IETF Comments" Markdown format][ICMF], You can use the
[`ietf-comments` tool][ICT] to automatically convert this review into
individual GitHub issues. Review generated by the [`ietf-reviewtool`][IRT].

[ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md
[ICT]: https://github.com/mnot/ietf-comments
[IRT]: https://github.com/larseggert/ietf-reviewtool
2022-08-23
05 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded for Lars Eggert
2022-08-22
05 Nancy Cam-Winget Request for Last Call review by SECDIR Completed: Ready. Reviewer: Nancy Cam-Winget. Sent review to list.
2022-08-22
05 Éric Vyncke [Ballot Position Update] New position, Yes, has been recorded for Éric Vyncke
2022-08-21
05 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2022-08-21
05 Tadahiko Ito New version available: draft-ietf-lamps-documentsigning-eku-05.txt
2022-08-21
05 Sean Turner New version approved
2022-08-21
05 (System) Request for posting confirmation emailed to previous authors: Sean Turner , Tadahiko Ito , Tomofumi Okubo
2022-08-21
05 Tadahiko Ito Uploaded new revision
2022-08-19
04 Erik Kline
[Ballot comment]
# Internet AD comments for {draft-ietf-lamps-documentsigning-eku-04}
CC @ekline

## Comments

### S3,4

* Given that documents may be presented to people …
[Ballot comment]
# Internet AD comments for {draft-ietf-lamps-documentsigning-eku-04}
CC @ekline

## Comments

### S3,4

* Given that documents may be presented to people "by means of ... software"
  perhaps a slight tweak to the "rather than processed by machines", e.g.:

    - "rather than processed primarily by machines", or
    - "rather than processed principally by machines"

## Nits

### S4

* s/instead of single/instead of a single/

* s/proresses/processes/ I think?
2022-08-19
04 Erik Kline [Ballot Position Update] New position, No Objection, has been recorded for Erik Kline
2022-08-16
04 Roman Danyliw Placed on agenda for telechat - 2022-08-25
2022-08-16
04 Roman Danyliw Ballot has been issued
2022-08-16
04 Roman Danyliw [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw
2022-08-16
04 Roman Danyliw Created "Approve" ballot
2022-08-16
04 Roman Danyliw IESG state changed to IESG Evaluation from Waiting for Writeup
2022-08-16
04 Roman Danyliw Ballot writeup was changed
2022-08-11
04 (System) IESG state changed to Waiting for Writeup from In Last Call
2022-08-10
04 Sabrina Tanamal IANA Experts State changed to Expert Reviews OK from Reviews assigned
2022-08-10
04 Sabrina Tanamal IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK
2022-08-10
04 Sabrina Tanamal IANA Experts State changed to Reviews assigned
2022-08-10
04 (System) IANA Review state changed to IANA - Not OK from IANA - Review Needed
2022-08-10
04 Sabrina Tanamal
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has completed its review of draft-ietf-lamps-documentsigning-eku-04. If any part of this review is inaccurate, please let …
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has completed its review of draft-ietf-lamps-documentsigning-eku-04. If any part of this review is inaccurate, please let us know.

The IANA Functions Operator understands that, upon approval of this document, there are two actions which we must complete.

First, in the SMI Security for PKIX Extended Key Purpose on the Structure of Management Information (SMI) Numbers (MIB Module Registrations) registry page located at:

https://www.iana.org/assignments/smi-numbers/

a new registration will be made as follows:

Decimal: [ TBD-at-Registration ]
Description: id-kp-documentSigning
Reference: [ RFC-to-be ]

As this document requests registrations in a Specification Required (see RFC 8126) registry, we will initiate the required Expert Review via a separate request. This review must be completed before the document's IANA state can be changed to "IANA OK."

Second, in the SMI Security for PKIX Module Identifier registry, also on the Structure of Management Information (SMI) Numbers (MIB Module Registrations) registry page located at:

https://www.iana.org/assignments/smi-numbers/

a new registration will be made as follows:

Decimal: [ TBD-at-Registration ]
Description: id-mod-docsign-eku
Reference: [ RFC-to-be ]

As this also requests registrations in a Specification Required (see RFC 8126) registry, we will initiate the required Expert Review via a separate request. This review must be completed before the document's IANA state can be changed to "IANA OK."

The IANA Functions Operator understands that these are the only actions required to be completed upon approval of this document.

Note:  The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the list of actions that will be performed.

For definitions of IANA review states, please see:

https://datatracker.ietf.org/help/state/draft/iana-review

Thank you,

Sabrina Tanamal
Lead IANA Services Specialist
2022-08-07
04 Dale Worley Request for Last Call review by GENART Completed: Ready with Nits. Reviewer: Dale Worley. Sent review to list.
2022-08-04
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Nancy Cam-Winget
2022-08-04
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Nancy Cam-Winget
2022-08-04
04 Jean Mahoney Request for Last Call review by GENART is assigned to Dale Worley
2022-08-04
04 Jean Mahoney Request for Last Call review by GENART is assigned to Dale Worley
2022-07-28
04 Barry Leiba Request for Last Call review by ARTART is assigned to Paul Kyzivat
2022-07-28
04 Barry Leiba Request for Last Call review by ARTART is assigned to Paul Kyzivat
2022-07-28
04 Cindy Morgan IANA Review state changed to IANA - Review Needed
2022-07-28
04 Cindy Morgan
The following Last Call announcement was sent out (ends 2022-08-11):

From: The IESG
To: IETF-Announce
CC: draft-ietf-lamps-documentsigning-eku@ietf.org, housley@vigilsec.com, lamps-chairs@ietf.org, rdd@cert.org, spasm@ietf.org …
The following Last Call announcement was sent out (ends 2022-08-11):

From: The IESG
To: IETF-Announce
CC: draft-ietf-lamps-documentsigning-eku@ietf.org, housley@vigilsec.com, lamps-chairs@ietf.org, rdd@cert.org, spasm@ietf.org
Reply-To: last-call@ietf.org
Sender:
Subject: Last Call:  (General Purpose Extended Key Usage (EKU) for Document Signing X.509 Certificates) to Proposed Standard


The IESG has received a request from the Limited Additional Mechanisms for
PKIX and SMIME WG (lamps) to consider the following document: - 'General
Purpose Extended Key Usage (EKU) for Document Signing X.509
  Certificates'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2022-08-11. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


  RFC5280 specifies several extended key purpose identifiers
  (KeyPurposeIds) for X.509 certificates.  This document defines a
  general purpose document signing KeyPurposeId for inclusion in the
  Extended Key Usage (EKU) extension of X.509 public key certificates.
  Document Signing applications may require that the EKU extension be
  present and that a document signing KeyPurposeId be indicated in
  order for the certificate to be acceptable to that Document Signing
  application.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-lamps-documentsigning-eku/



No IPR declarations have been submitted directly on this I-D.




2022-07-28
04 Cindy Morgan IESG state changed to In Last Call from Last Call Requested
2022-07-28
04 Roman Danyliw Last call was requested
2022-07-28
04 Roman Danyliw Last call announcement was generated
2022-07-28
04 Roman Danyliw Ballot approval text was generated
2022-07-28
04 Roman Danyliw Ballot writeup was generated
2022-07-28
04 Roman Danyliw IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2022-07-26
04 (System) Changed action holders to Roman Danyliw (IESG state changed)
2022-07-26
04 (System) Sub state has been changed to AD Followup from Revised ID Needed
2022-07-26
04 Tadahiko Ito New version available: draft-ietf-lamps-documentsigning-eku-04.txt
2022-07-26
04 Sean Turner New version approved
2022-07-26
04 (System) Request for posting confirmation emailed to previous authors: Sean Turner , Tadahiko Ito , Tomofumi Okubo
2022-07-26
04 Tadahiko Ito Uploaded new revision
2022-07-13
03 Roman Danyliw AD Review: https://mailarchive.ietf.org/arch/msg/spasm/C_7A4RiuaBJaR5GTu19WCto3H_Y/
2022-07-13
03 (System) Changed action holders to Sean Turner, Roman Danyliw, Tomofumi Okubo, Tadahiko Ito (IESG state changed)
2022-07-13
03 Roman Danyliw IESG state changed to AD Evaluation::Revised I-D Needed from Publication Requested
2022-07-13
03 Russ Housley Added to session: IETF-114: lamps  Wed-1000
2022-05-05
03 Russ Housley
Shepherd Write-up for draft-ietf-lamps-documentsigning-eku-03


(1) Does the working group (WG) consensus represent the strong
concurrence of a few individuals, with others being silent, or did …
Shepherd Write-up for draft-ietf-lamps-documentsigning-eku-03


(1) Does the working group (WG) consensus represent the strong
concurrence of a few individuals, with others being silent, or did it
reach broad agreement?

  There is broad support for this document in the LAMPS WG.

(2) Was there controversy about particular points, or were there
decisions where the consensus was particularly rough?

  One or two people spoke against it when the idea was originally
  raised, but no one spoke against it in the last year.
 
(3) Has anyone threatened an appeal or otherwise indicated extreme
discontent?  If so, please summarize the areas of conflict in separate
email messages to the responsible Area Director.  (It should be in a
separate email because this questionnaire is publicly available.)

  No one has threatened an appeal or indicated extreme discontent.

(4) For protocol documents, are there existing implementations of the
contents of the document?  Have a significant number of potential
implementers indicated plans to implement?  Are any existing
implementations reported somewhere, either in the document itself (as
RFC 7942 recommends) or elsewhere (where)?

  Several Certification Authorities (CAs) have expressed an intention
  to support this new extended key usage value.

(5) Does this document need review from other IETF working groups or
external organizations?  Have those reviews occurred?

  None needed.

(6) Describe how the document meets any required formal expert review
criteria, such as the MIB Doctor, YANG Doctor, media type, and URI type
reviews.

  ASN.1 is used.  The document shepherd compiled the ASN.1 module
  after inserting placeholder values for the ones that need to be
  assigned by IANA.  It compiles without errors.

(7) If the document contains a YANG module, has the final version of the
module been checked with any of the recommended validation tools for
syntax and formatting validation?  If there are any resulting errors or
warnings, what is the justification for not fixing them at this time?
Does the YANG module comply with the Network Management Datastore
Architecture (NMDA) as specified in RFC 8342?

  YANG is not used in the document.

(8) Describe reviews and automated checks performed to validate sections
of the final version of the document written in a formal language, such
as XML code, BNF rules, MIB definitions, CBOR's CDDL, etc.

  ASN.1 is used.  The document shepherd compiled the ASN.1 module
  after inserting placeholder values for the ones that need to be
  assigned by IANA.  It compiles without errors.

(9) Based on the shepherd's review of the document, is it their opinion
that this document is needed, clearly written, complete, correctly
designed, and ready to be handed off to the responsible Area Director?

  The document shepherd finds the document clear and complete.

(10) Several IETF Areas have assembled lists of common issues that their
reviewers encounter.  Do any such issues remain that would merit specific
attention from subsequent reviews?

  The document shepherd finds no concerns.

(11) What type of RFC publication is being requested on the IETF stream
(Best Current Practice, Proposed Standard, Internet Standard,
Informational, Experimental, or Historic)?  Why is this the proper type
of RFC?  Do all Datatracker state attributes correctly reflect this
intent?

  Proposed Standard.  The datatracker indicates this intent.

(12) Has the interested community confirmed that any and all appropriate
IPR disclosures required by BCP 78 and BCP 79 have been filed?  If not,
explain why.  If yes, summarize any discussion and conclusion regarding
the intellectual property rights (IPR) disclosures, including links to
relevant emails.

  All authors and contributors have explicitly confirmed that all IPR
  disclosures required for full conformance with the provisions of
  BCP 78 and BCP 79 have already been filed.  There are none.

(13) Has each Author or Contributor confirmed their willingness to be
listed as such?  If the number of Authors/Editors on the front page is
greater than 5, please provide a justification.

  All authors have explicitly confirmed their willingness to be listed
  as an author.  All contributors are listed as authors.

(14) Identify any remaining I-D nits in this document.  (See the idnits
tool and the checkbox items found in Guidelines to Authors of
Internet-Drafts).  Simply running the idnits tool is not enough; please
review the entire guidelines document.

  IDnits does not raise any issues.

  The document shepherd review of the document did not find any
  issues related to the Guidelines to Authors of Internet-Drafts.

(15) Should any informative references be normative or vice-versa?

  All references are in the proper category.

(16) List any normative references that are not freely available to
anyone.  Did the community have sufficient access to review any such
normative references?

  All normative references are RFCs, except one.  ITU-T X.680 can be
  downloaded for free from the following URL:
 
  https://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-X.680-202102-I!!PDF-E

(17) Are there any normative downward references (see RFC 3967, BCP 97)?
If so, list them.

  There are no downrefs.

(18) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state?  If they exist, what is
the plan for their completion?

  All of the normative references have already been published.

(19) Will publication of this document change the status of any existing
RFCs?  If so, does the Datatracker metadata correctly reflect this and
are those RFCs listed on the title page, in the abstract, and discussed
in the introduction?  If not, explain why and point to the part of the
document where the relationship of this document to these other RFCs is
discussed.

  Publication of this document will not effect the status of any
  other documents.

(20) Describe the document shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document.  Confirm that all aspects of the document requiring IANA
assignments are associated with the appropriate reservations in IANA
registries.  Confirm that any referenced IANA registries have been
clearly identified.  Confirm that each newly created IANA registry
specifies its initial contents, allocations procedures, and a reasonable
name (see RFC 8126).

  No concerns were found.  The IANA Considerations ask IANA to assign
  two object identifiers from existing registries, and the document
  shepherd is the IANA Designated Expert for the registries where these
  will be assigned.

(21) List any new IANA registries that require Designated Expert Review
for future allocations.  Are the instructions to the Designated Expert
clear?  Please include suggestions of designated experts, if appropriate.

  No new IANA registries are needed.
2022-05-05
03 Russ Housley Responsible AD changed to Roman Danyliw
2022-05-05
03 Russ Housley IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up
2022-05-05
03 Russ Housley IESG state changed to Publication Requested from I-D Exists
2022-05-05
03 Russ Housley IESG process started in state Publication Requested
2022-05-05
03 Russ Housley
Shepherd Write-up for draft-ietf-lamps-documentsigning-eku-03


(1) Does the working group (WG) consensus represent the strong
concurrence of a few individuals, with others being silent, or did …
Shepherd Write-up for draft-ietf-lamps-documentsigning-eku-03


(1) Does the working group (WG) consensus represent the strong
concurrence of a few individuals, with others being silent, or did it
reach broad agreement?

  There is broad support for this document in the LAMPS WG.

(2) Was there controversy about particular points, or were there
decisions where the consensus was particularly rough?

  One or two people spoke against it when the idea was originally
  raised, but no one spoke against it in the last year.
 
(3) Has anyone threatened an appeal or otherwise indicated extreme
discontent?  If so, please summarize the areas of conflict in separate
email messages to the responsible Area Director.  (It should be in a
separate email because this questionnaire is publicly available.)

  No one has threatened an appeal or indicated extreme discontent.

(4) For protocol documents, are there existing implementations of the
contents of the document?  Have a significant number of potential
implementers indicated plans to implement?  Are any existing
implementations reported somewhere, either in the document itself (as
RFC 7942 recommends) or elsewhere (where)?

  Several Certification Authorities (CAs) have expressed an intention
  to support this new extended key usage value.

(5) Does this document need review from other IETF working groups or
external organizations?  Have those reviews occurred?

  None needed.

(6) Describe how the document meets any required formal expert review
criteria, such as the MIB Doctor, YANG Doctor, media type, and URI type
reviews.

  ASN.1 is used.  The document shepherd compiled the ASN.1 module
  after inserting placeholder values for the ones that need to be
  assigned by IANA.  It compiles without errors.

(7) If the document contains a YANG module, has the final version of the
module been checked with any of the recommended validation tools for
syntax and formatting validation?  If there are any resulting errors or
warnings, what is the justification for not fixing them at this time?
Does the YANG module comply with the Network Management Datastore
Architecture (NMDA) as specified in RFC 8342?

  YANG is not used in the document.

(8) Describe reviews and automated checks performed to validate sections
of the final version of the document written in a formal language, such
as XML code, BNF rules, MIB definitions, CBOR's CDDL, etc.

  ASN.1 is used.  The document shepherd compiled the ASN.1 module
  after inserting placeholder values for the ones that need to be
  assigned by IANA.  It compiles without errors.

(9) Based on the shepherd's review of the document, is it their opinion
that this document is needed, clearly written, complete, correctly
designed, and ready to be handed off to the responsible Area Director?

  The document shepherd finds the document clear and complete.

(10) Several IETF Areas have assembled lists of common issues that their
reviewers encounter.  Do any such issues remain that would merit specific
attention from subsequent reviews?

  The document shepherd finds no concerns.

(11) What type of RFC publication is being requested on the IETF stream
(Best Current Practice, Proposed Standard, Internet Standard,
Informational, Experimental, or Historic)?  Why is this the proper type
of RFC?  Do all Datatracker state attributes correctly reflect this
intent?

  Proposed Standard.  The datatracker indicates this intent.

(12) Has the interested community confirmed that any and all appropriate
IPR disclosures required by BCP 78 and BCP 79 have been filed?  If not,
explain why.  If yes, summarize any discussion and conclusion regarding
the intellectual property rights (IPR) disclosures, including links to
relevant emails.

  All authors and contributors have explicitly confirmed that all IPR
  disclosures required for full conformance with the provisions of
  BCP 78 and BCP 79 have already been filed.  There are none.

(13) Has each Author or Contributor confirmed their willingness to be
listed as such?  If the number of Authors/Editors on the front page is
greater than 5, please provide a justification.

  All authors have explicitly confirmed their willingness to be listed
  as an author.  All contributors are listed as authors.

(14) Identify any remaining I-D nits in this document.  (See the idnits
tool and the checkbox items found in Guidelines to Authors of
Internet-Drafts).  Simply running the idnits tool is not enough; please
review the entire guidelines document.

  IDnits does not raise any issues.

  The document shepherd review of the document did not find any
  issues related to the Guidelines to Authors of Internet-Drafts.

(15) Should any informative references be normative or vice-versa?

  All references are in the proper category.

(16) List any normative references that are not freely available to
anyone.  Did the community have sufficient access to review any such
normative references?

  All normative references are RFCs, except one.  ITU-T X.680 can be
  downloaded for free from the following URL:
 
  https://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-X.680-202102-I!!PDF-E

(17) Are there any normative downward references (see RFC 3967, BCP 97)?
If so, list them.

  There are no downrefs.

(18) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state?  If they exist, what is
the plan for their completion?

  All of the normative references have already been published.

(19) Will publication of this document change the status of any existing
RFCs?  If so, does the Datatracker metadata correctly reflect this and
are those RFCs listed on the title page, in the abstract, and discussed
in the introduction?  If not, explain why and point to the part of the
document where the relationship of this document to these other RFCs is
discussed.

  Publication of this document will not effect the status of any
  other documents.

(20) Describe the document shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document.  Confirm that all aspects of the document requiring IANA
assignments are associated with the appropriate reservations in IANA
registries.  Confirm that any referenced IANA registries have been
clearly identified.  Confirm that each newly created IANA registry
specifies its initial contents, allocations procedures, and a reasonable
name (see RFC 8126).

  No concerns were found.  The IANA Considerations ask IANA to assign
  two object identifiers from existing registries, and the document
  shepherd is the IANA Designated Expert for the registries where these
  will be assigned.

(21) List any new IANA registries that require Designated Expert Review
for future allocations.  Are the instructions to the Designated Expert
clear?  Please include suggestions of designated experts, if appropriate.

  No new IANA registries are needed.
2022-05-04
03 Russ Housley Notification list changed to housley@vigilsec.com because the document shepherd was set
2022-05-04
03 Russ Housley Document shepherd changed to Russ Housley
2022-05-04
03 Russ Housley Changed consensus to Yes from Unknown
2022-05-04
03 Russ Housley Intended Status changed to Proposed Standard from None
2022-05-04
03 Russ Housley IETF WG state changed to WG Consensus: Waiting for Write-Up from WG Document
2022-03-31
03 Tadahiko Ito New version available: draft-ietf-lamps-documentsigning-eku-03.txt
2022-03-31
03 (System) New version approved
2022-03-31
03 (System) Request for posting confirmation emailed to previous authors: Sean Turner , Tadahiko Ito , Tomofumi Okubo
2022-03-31
03 Tadahiko Ito Uploaded new revision
2022-03-07
02 Tadahiko Ito New version available: draft-ietf-lamps-documentsigning-eku-02.txt
2022-03-07
02 (System) New version approved
2022-03-07
02 (System) Request for posting confirmation emailed to previous authors: Sean Turner , Tadahiko Ito , Tomofumi Okubo
2022-03-07
02 Tadahiko Ito Uploaded new revision
2022-03-01
01 Tadahiko Ito New version available: draft-ietf-lamps-documentsigning-eku-01.txt
2022-03-01
01 (System) New version approved
2022-03-01
01 (System) Request for posting confirmation emailed to previous authors: Sean Turner , Tadahiko Ito , Tomofumi Okubo
2022-03-01
01 Tadahiko Ito Uploaded new revision
2022-01-14
00 Russ Housley This document now replaces draft-ito-documentsigning-eku instead of None
2022-01-14
00 Tadahiko Ito New version available: draft-ietf-lamps-documentsigning-eku-00.txt
2022-01-14
00 (System) WG -00 approved
2022-01-12
00 Tadahiko Ito Set submitter to "Tadahiko Ito ", replaces to (none) and sent approval email to group chairs: lamps-chairs@ietf.org
2022-01-12
00 Tadahiko Ito Uploaded new revision