Update to DirectoryString Processing in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
draft-ietf-pkix-cert-utf8-03

Document history

Date Rev. By Action
2012-08-22
03 (System) post-migration administrative database adjustment to the Yes position for Sam Hartman
2006-04-24
03 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2006-04-17
03 Amy Vezza IESG state changed to Approved-announcement sent
2006-04-17
03 Amy Vezza IESG has approved the document
2006-04-17
03 Amy Vezza Closed "Approve" ballot
2006-04-14
03 (System) Removed from agenda for telechat - 2006-04-13
2006-04-13
03 Amy Vezza State Changes to Approved-announcement to be sent from Waiting for AD Go-Ahead by Amy Vezza
2006-04-13
03 Sam Hartman [Ballot Position Update] Position for Sam Hartman has been changed to Yes from Discuss by Sam Hartman
2006-04-13
03 Russ Housley [Ballot Position Update] New position, Recuse, has been recorded for Russ Housley by Russ Housley
2006-04-13
03 Ted Hardie [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie
2006-04-13
03 (System) [Ballot Position Update] New position, No Objection, has been recorded for Ross Callon by IESG Secretary
2006-04-13
03 Magnus Westerlund
[Ballot comment]
The security consideration section seems very strange:

  The replacement text is much clearer.  The direction is much less
  prone to implementation error.  Also, the use of consistent encoding
  for name components will ensure that name constraints work as
  expected.

As a minimum it seems to be lacking a reference to the baseline in RFC 3280 that it tries to change. But also the statement that this should be more secure is not really clear on what aspects and why.

I expect this to be fixed when taking care of the Discuss about the similar looking names.
2006-04-13
03 Bill Fenner [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner
2006-04-13
03 Mark Townsley [Ballot Position Update] New position, No Objection, has been recorded for Mark Townsley by Mark Townsley
2006-04-13
03 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko by Jari Arkko
2006-04-13
03 Magnus Westerlund [Ballot Position Update] New position, No Objection, has been recorded for Magnus Westerlund by Magnus Westerlund
2006-04-13
03 Jon Peterson [Ballot Position Update] New position, No Objection, has been recorded for Jon Peterson by Jon Peterson
2006-04-13
03 Cullen Jennings
[Ballot comment]
I am concerned about how the visual comparisons of names security problem will be solved. I would be supportive of text that pointed out the problem and did not try to provide a solution. I would change to a discuss if we put in text that required anyone to implement something that is a research problem.
2006-04-13
03 Cullen Jennings [Ballot Position Update] New position, No Objection, has been recorded for Cullen Jennings by Cullen Jennings
2006-04-12
03 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2006-04-12
03 Michelle Cotton IANA Last Call Comments:
As described in the IANA Considerations section, we understand this document to have NO IANA Actions.
2006-04-12
03 Lisa Dusseault [Ballot Position Update] New position, No Objection, has been recorded for Lisa Dusseault by Lisa Dusseault
2006-04-12
03 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded for Dan Romascanu by Dan Romascanu
2006-04-12
03 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded for Lars Eggert by Lars Eggert
2006-04-12
03 Brian Carpenter
[Ballot comment]
(actually picked up by David Black's Gen-ART review of the previous draft)

This sentence in section 5 lacks a verb:

|  When the subjectAltName extension contains a DN in the directoryName,
|  the same encoding preference as in 4.1.2.4.
2006-04-12
03 Brian Carpenter [Ballot Position Update] New position, No Objection, has been recorded for Brian Carpenter by Brian Carpenter
2006-04-11
03 Sam Hartman
[Ballot discuss]
A last call comment brought up the fact that spoofing of names has not
been documented as a security consideration either here or in 3280.
2006-04-11
03 Sam Hartman [Ballot Position Update] Position for Sam Hartman has been changed to Discuss from Yes by Sam Hartman
2006-04-11
03 Sam Hartman [Ballot Position Update] New position, Yes, has been recorded for Sam Hartman
2006-04-11
03 Sam Hartman Ballot has been issued by Sam Hartman
2006-04-11
03 Sam Hartman Created "Approve" ballot
2006-04-10
03 (System) New version available: draft-ietf-pkix-cert-utf8-03.txt
2006-03-29
03 Amy Vezza Last call sent
2006-03-29
03 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2006-03-29
03 Sam Hartman Placed on agenda for telechat - 2006-04-13 by Sam Hartman
2006-03-29
03 Sam Hartman State Change Notice email list have been change to pkix-chairs@tools.ietf.org, housley@vigilsec.com, stefans@microsoft.com from pkix-chairs@tools.ietf.org
2006-03-29
03 Sam Hartman State Changes to Last Call Requested from Publication Requested by Sam Hartman
2006-03-29
03 Sam Hartman Last Call was requested by Sam Hartman
2006-03-29
03 (System) Ballot writeup text was added
2006-03-29
03 (System) Last call text was added
2006-03-29
03 (System) Ballot approval text was added
2006-03-29
03 Sam Hartman Shepherding AD has been changed to Sam Hartman from Russ Housley
2006-03-24
03 Dinara Suleymanova
PROTO Write-up

1.a) The chairs have personally reviewed this version of the Internet Draft
(ID), and believe this ID is ready to forward to the IESG for publication. Tim
Polk is the WG Chair Shepherd for this document.

1.b) This document has been thoroughly reviewed by key WG members and key non-WG members. The technical content in this draft was first presented in draft-ietf-pkix-rfc3280bis-02.txt, so this information has undergone WG review for most of a year. I have no concerns about the depth or breadth of this review.

1.c) This document reflects the internationalization perspective and
implementation experience gained from the publication of RFC 3280. I do not
believe additional review is needed.

1.d) I have no specific concerns/issues with this document.

1.e) WG consensus is solid with respect to this document. The content in
this document is widely understood and supported.

1.f) No one threatened an appeal or otherwise indicated extreme discontent.

1.g) The chairs verified that the document checks out against all the ID nits?
Two minor issues were detected; these issues were not judged sufficient to
preclude forwarding the document. The issues are:

There is a typographical error in the boilerplate "Status of this Memo". The
statement about referencing IDs ends with cite them other than a "work in progress." instead of cite them other than as "work in progress."

The IPR disclosure & notices were also omitted from this draft. Since the ID
Checklist states "If these notices are not present, then the RFC-Editor will add them" it was my interpretation that this omission should not preclude
forwarding the document out of the Working Group.

1.h) This document includes only normative references. These references are
both to current RFCs.

1.i) Standards track publication is requested.

1.j)

Technical Summary

This document updates the handling of DirectoryString in the Internet X.509
Public Key Infrastructure Certificate and Certificate Revocation List (CRL)
Profile, which is published in RFC 3280. This update to RFC 3280 aligns support for international character sets with recent implementation and deployment experience, and the direction of the IETF PKIX Working Group. This
specification establishes UTF8String and PrintableString as the preferred
encodings. UTF8String provides support for international character sets, and
PrintableString preserves support for the vast bulk of the certificates that
have already been deployed.

Working Group Summary

The Working Group has extensively reviewed this technical content. The document entered Last Call on March 1. All last call issues were resolved with
publication of the current draft. Discussion during Last Call demonstrated
working group consensus. This document has strong WG support.

Protocol Quality

This specification aligns RFC 3280 with current implementations, reflecting the international PKI community's deployment experience.
2006-03-24
03 Dinara Suleymanova Draft Added by Dinara Suleymanova in state Publication Requested
2006-03-09
02 (System) New version available: draft-ietf-pkix-cert-utf8-02.txt
2006-02-24
01 (System) New version available: draft-ietf-pkix-cert-utf8-01.txt
2006-02-17
00 (System) New version available: draft-ietf-pkix-cert-utf8-00.txt