Internet X.509 Public Key Infrastructure Subject Alternative Name for Expression of Service Name
draft-ietf-pkix-srvsan-05
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
05 | (System) | post-migration administrative database adjustment to the No Objection position for Jari Arkko |
2012-08-22
|
05 | (System) | post-migration administrative database adjustment to the No Objection position for Sam Hartman |
2012-08-22
|
05 | (System) | post-migration administrative database adjustment to the No Objection position for Russ Housley |
2007-05-31
|
05 | (System) | IANA Action state changed to No IC from In Progress |
2007-05-31
|
05 | (System) | IANA Action state changed to In Progress |
2007-05-30
|
05 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2007-05-30
|
05 | Amy Vezza | IESG state changed to Approved-announcement sent |
2007-05-30
|
05 | Amy Vezza | IESG has approved the document |
2007-05-30
|
05 | Amy Vezza | Closed "Approve" ballot |
2007-05-23
|
05 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded by Tim Polk |
2007-05-17
|
05 | Jari Arkko | I cleared my Discuss based on the new version not having the problematic example any more. |
2007-05-17
|
05 | Jari Arkko | [Ballot Position Update] Position for Jari Arkko has been changed to No Objection from Discuss by Jari Arkko |
2007-05-16
|
05 | Sam Hartman | [Ballot Position Update] Position for Sam Hartman has been changed to No Objection from Discuss by Sam Hartman |
2007-05-16
|
05 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss by Russ Housley |
2007-05-16
|
05 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2007-05-16
|
05 | (System) | New version available: draft-ietf-pkix-srvsan-05.txt |
2007-04-13
|
05 | Tim Polk | Responsible AD has been changed to Tim Polk from Russ Housley |
2007-04-11
|
05 | Russ Housley | [Ballot discuss] I have been convinced that UTF8String is the wrong encoding to use in this SubjectAltName form. Storing the punycode in an IA5String seems … [Ballot discuss] I have been convinced that UTF8String is the wrong encoding to use in this SubjectAltName form. Storing the punycode in an IA5String seems like a much better solution. |
2007-04-11
|
05 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to Discuss from Yes by Russ Housley |
2007-01-18
|
05 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Susan Thomson. |
2007-01-12
|
05 | (System) | Removed from agenda for telechat - 2007-01-11 |
2007-01-11
|
05 | Amy Vezza | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza |
2007-01-11
|
05 | Bill Fenner | [Ballot Position Update] New position, No Objection, has been recorded by Bill Fenner |
2007-01-11
|
05 | Lisa Dusseault | [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault |
2007-01-11
|
05 | (System) | [Ballot Position Update] New position, No Objection, has been recorded for Jon Peterson by IESG Secretary |
2007-01-11
|
05 | Sam Hartman | [Ballot comment] This specification is doing almost exactly the same thing as draft-ietf-kitten-gssapi-domain-based. However there are many ways in which the two specs are not … [Ballot comment] This specification is doing almost exactly the same thing as draft-ietf-kitten-gssapi-domain-based. However there are many ways in which the two specs are not aligned: 1) Different selection of service names: this uses the port number registry, while kitten uses the GSS-API service registry. I think this is unavoidable 2) Handling of internationalization. 3) Statement of applicability. This conflict may become problematic because this name form is an ideal candidate for implementing GSS domain-based names for PKIX certificates. I'd strongly encourage the authors of these two proposals to work together. This is not a discuss, but a strong last call comment. |
2007-01-11
|
05 | Sam Hartman | [Ballot discuss] First, the motivating example is wrong and needs to be removed. RFC 4556 defines the appropriate name form for Kerberos KDC certificates. While … [Ballot discuss] First, the motivating example is wrong and needs to be removed. RFC 4556 defines the appropriate name form for Kerberos KDC certificates. While that discussion is in the context of pkinit the name form should be used for other cases where Kerberos KDCs need to be identified. Implying that this spec would be appropriate for Kerberos means that we have two standards where only one is needed. This leads me to the more general question of when is it appropriate to use this name form.RFC 2782 has a very clear applicability statement. This specification does not. |
2007-01-11
|
05 | Sam Hartman | [Ballot Position Update] New position, Discuss, has been recorded by Sam Hartman |
2007-01-10
|
05 | Ross Callon | [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon |
2007-01-10
|
05 | Ted Hardie | [Ballot discuss] The document says: This section defines the SRVName name as a form of otherName from the GeneralName structure in SubjectAltName defined in … [Ballot discuss] The document says: This section defines the SRVName name as a form of otherName from the GeneralName structure in SubjectAltName defined in RFC 3280 [N2]. id-on-dnsSRV OBJECT IDENTIFIER ::= { id-on 7 } SRVName ::= UTF8String (SIZE (1..MAX)) The SRVName, if present, MUST contain a service name and a domain name in the following form: _Service.Name There are two issues here. One it, is not clear that UTF8String is appropriate without further limitations. RFC 2782 derives services from the old Assigned Numbers (STD 2/RFC 1700). None of the services assigned are beyond the ascii range there. The Name portion above uses IDNA to encode UTF8; are the authors and working group confident that a UTF8 Service string with prepended _ would be an appropriate choice? Or do they believe that UTF8 characters outside the ascii range will not occur in a PKIX context unless it has occurred in the DNS context? The larger issue is that this seems to elide one aspect of RFC 2782; the PROTO field. A common SRV lookup has the form _ldap._tcp.example.com (see the overview section of 2782). There are cases where the service name may be associated with multiple protocols and where the target hosts will not be the same. Why is this facility not replicated here? |
2007-01-10
|
05 | Ted Hardie | [Ballot Position Update] New position, Discuss, has been recorded by Ted Hardie |
2007-01-10
|
05 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley |
2007-01-10
|
05 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
2007-01-10
|
05 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
2007-01-09
|
05 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
2007-01-08
|
05 | Jari Arkko | [Ballot discuss] > Example: The "mail" service at na(LATIN SMALL LETTER I WITH > DIAERESIS)ve.net (an IDN, which becomes xn--nave-6pa.net when encoded > as … [Ballot discuss] > Example: The "mail" service at na(LATIN SMALL LETTER I WITH > DIAERESIS)ve.net (an IDN, which becomes xn--nave-6pa.net when encoded > as an IDNA) would use the following 15-character SRVName value: This violates our policy of not using other domain names than those officially allocated for examples. Use na(something)ve.example.net instead, for instance. |
2007-01-08
|
05 | Jari Arkko | [Ballot discuss] > Example: The "mail" service at na DIAERESIS>ve.net (an IDN, which becomes xn--nave-6pa.net when encoded > as an IDNA) would use the … [Ballot discuss] > Example: The "mail" service at na DIAERESIS>ve.net (an IDN, which becomes xn--nave-6pa.net when encoded > as an IDNA) would use the following 15-character SRVName value: This violates our policy of not using other domain names than those officially allocated for examples. Use nave.example.net instead, for instance. |
2007-01-08
|
05 | Jari Arkko | [Ballot Position Update] New position, Discuss, has been recorded by Jari Arkko |
2007-01-08
|
05 | Brian Carpenter | [Ballot Position Update] New position, No Objection, has been recorded by Brian Carpenter |
2006-12-21
|
05 | Yoshiko Fong | IANA Last Call Comment: As described in the IANA Considerations section, we understand this document to have NO IANA Actions. |
2006-12-19
|
05 | Russ Housley | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Russ Housley |
2006-12-19
|
05 | Russ Housley | Placed on agenda for telechat - 2007-01-11 by Russ Housley |
2006-12-19
|
05 | Russ Housley | [Ballot Position Update] New position, Yes, has been recorded for Russ Housley |
2006-12-19
|
05 | Russ Housley | Ballot has been issued by Russ Housley |
2006-12-19
|
05 | Russ Housley | Created "Approve" ballot |
2006-12-18
|
05 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2006-12-12
|
04 | (System) | New version available: draft-ietf-pkix-srvsan-04.txt |
2006-12-06
|
05 | Samuel Weiler | Assignment of request for Last Call review by SECDIR to Stefan Santesson was rejected |
2006-12-06
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Susan Thomson |
2006-12-06
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Susan Thomson |
2006-12-05
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Stefan Santesson |
2006-12-05
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Stefan Santesson |
2006-12-04
|
05 | Amy Vezza | Last call sent |
2006-12-04
|
05 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2006-12-04
|
05 | Russ Housley | State Changes to Last Call Requested from AD Evaluation by Russ Housley |
2006-12-04
|
05 | Russ Housley | Last Call was requested by Russ Housley |
2006-12-04
|
05 | (System) | Ballot writeup text was added |
2006-12-04
|
05 | (System) | Last call text was added |
2006-12-04
|
05 | (System) | Ballot approval text was added |
2006-12-04
|
05 | Russ Housley | State Changes to AD Evaluation from Publication Requested by Russ Housley |
2006-11-07
|
05 | Russ Housley | Draft Added by Russ Housley in state Publication Requested |
2006-10-18
|
03 | (System) | New version available: draft-ietf-pkix-srvsan-03.txt |
2006-06-22
|
02 | (System) | New version available: draft-ietf-pkix-srvsan-02.txt |
2006-01-20
|
01 | (System) | New version available: draft-ietf-pkix-srvsan-01.txt |
2005-09-23
|
00 | (System) | New version available: draft-ietf-pkix-srvsan-00.txt |