End-to-End Signing and Object Encryption for the Extensible Messaging and Presence Protocol (XMPP)
draft-ietf-xmpp-e2e-09
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2012-08-22
|
09 | (System) | post-migration administrative database adjustment to the No Objection position for Steven Bellovin |
|
2012-08-22
|
09 | (System) | post-migration administrative database adjustment to the No Objection position for Russ Housley |
|
2004-07-26
|
09 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
|
2004-07-26
|
09 | Amy Vezza | IESG state changed to Approved-announcement sent |
|
2004-07-26
|
09 | Amy Vezza | IESG has approved the document |
|
2004-07-26
|
09 | Amy Vezza | Closed "Approve" ballot |
|
2004-07-25
|
09 | Scott Hollenbeck | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Scott Hollenbeck |
|
2004-07-23
|
09 | Steven Bellovin | [Ballot Position Update] Position for Steve Bellovin has been changed to No Objection from Discuss by Steve Bellovin |
|
2004-07-14
|
09 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss by Russ Housley |
|
2004-07-14
|
09 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2004-07-14
|
09 | (System) | New version available: draft-ietf-xmpp-e2e-09.txt |
|
2004-06-25
|
09 | (System) | Removed from agenda for telechat - 2004-06-24 |
|
2004-06-24
|
09 | Amy Vezza | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza |
|
2004-06-24
|
09 | Amy Vezza | [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Amy Vezza |
|
2004-06-24
|
09 | Thomas Narten | [Ballot Position Update] New position, No Objection, has been recorded for Thomas Narten by Thomas Narten |
|
2004-06-24
|
09 | Harald Alvestrand | [Ballot comment] Reviewed by Spencer Dawkins, Gen-ART The comments are serious enough to warrant addressing, but I don't think they warrant an extra DISCUSS. |
|
2004-06-24
|
09 | Harald Alvestrand | [Ballot Position Update] New position, No Objection, has been recorded for Harald Alvestrand by Harald Alvestrand |
|
2004-06-24
|
09 | Allison Mankin | [Ballot Position Update] New position, No Objection, has been recorded for Allison Mankin by Allison Mankin |
|
2004-06-24
|
09 | Jon Peterson | [Ballot Position Update] Position for Jon Peterson has been changed to No Objection from Undefined by Jon Peterson |
|
2004-06-24
|
09 | Jon Peterson | [Ballot Position Update] New position, Undefined, has been recorded for Jon Peterson by Jon Peterson |
|
2004-06-24
|
09 | Alex Zinin | [Ballot Position Update] New position, No Objection, has been recorded for Alex Zinin by Alex Zinin |
|
2004-06-24
|
09 | Margaret Cullen | [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman |
|
2004-06-23
|
09 | David Kessens | [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens |
|
2004-06-22
|
09 | Ted Hardie | [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie |
|
2004-06-21
|
09 | Steven Bellovin | [Ballot comment] Is some mechanism necessary by which a node can ascertain if the remote end supports this mechanism? |
|
2004-06-21
|
09 | Russ Housley | [Ballot discuss] In section 6.3, says that the subjectAltName in a certificate SHOULD contain a 'im:' URI a 'pres:' URI of the user. This … [Ballot discuss] In section 6.3, says that the subjectAltName in a certificate SHOULD contain a 'im:' URI a 'pres:' URI of the user. This is fine. Then, it says that the 'from' attribute SHOULD match the URI in the certificate. I prefer a MUST statement. Something like: If the certificate contains a URI, then it MUST match the 'from' attribute. Of course, the final document text must include the exception text. In the last paragraph of section 6.3, the certificate syntax does not support the suggested use of otherName. Name forms are identified by object identifiers, not ASCII strings. Section 6.9 does not provide a key management algorithm for EnvelopedData. Also, not all of the algorithms listed are specified in [CMS-ALG]. I propose the following replacement text: 6.9 Mandatory to Implement Cryptographic Algorithms All implementations MUST support the following algorithms. Implementations MAY support other algorithms as well. For CMS SignedData: - the SHA-1 message digest as specified in [CMS-ALG] section 2.1. - the RSA (PKCS #1 v1.5) with SHA-1 signature algorithm, as specified in [CMS-ALG] section 3.2. For CMS EnvelopedData: - the RSA (PKCS #1 v1.5) key transport, as specified in [CMS-ALG] section 4.2.1. - the AES-128 encryption algorithm in CBC mode, as specified in [CMS-AES]. { Note: [CMS-AES] is a new reference to RFC 3565. } I expected section 6 to say something about the correct processing of messages with invalid digital signatures, messages that cannot be decrypted, and messages that appear to be replayed. The only situation that seems to be addressed is when the name in the certificate does not match the name in the message. |
|
2004-06-21
|
09 | Russ Housley | [Ballot comment] Please change the title of the document to reflect the support of digital signatures as well as encryption. Please delete section … [Ballot comment] Please change the title of the document to reflect the support of digital signatures as well as encryption. Please delete section 1.2 prior to publication as an RFC. The section headings for section 3 and section 4 are misleading. I expected to see discussion of encryption, but the sections are about digital signatures. [CERT] should point to draft-ietf-smime-rfc2632bis-*, which is in the RFC Editor queue. [CMC] is pointing to the wrong document. It should be a reference to RFC 2797. Also, this should be an informative reference, not a normative one. [CMP] should be an informative reference, not a normative one. [CMS] should point to draft-ietf-smime-rfc3369bis-*, which is in the RFC Editor queue. [SMIME] should point to draft-ietf-smime-rfc2633bis-*, which is in the RFC Editor queue. I think [XML] should be an informative reference, not a normative one. |
|
2004-06-21
|
09 | Russ Housley | [Ballot Position Update] New position, Discuss, has been recorded for Russ Housley by Russ Housley |
|
2004-06-18
|
09 | Steven Bellovin | [Ballot discuss] What is the proper error reply when a node receives a message it can't decrypt? Are there standard error replies for the error … [Ballot discuss] What is the proper error reply when a node receives a message it can't decrypt? Are there standard error replies for the error conditions (i.e., timestamp failure) described in this document? |
|
2004-06-18
|
09 | Steven Bellovin | [Ballot Position Update] Position for Steve Bellovin has been changed to Discuss from Undefined by Steve Bellovin |
|
2004-06-18
|
09 | Steven Bellovin | [Ballot comment] Is some mechanism necessary by which a node can ascertain if the remote end supports this mechanism? What is the proper reply by … [Ballot comment] Is some mechanism necessary by which a node can ascertain if the remote end supports this mechanism? What is the proper reply by a node that receives a |
|
2004-06-18
|
09 | Steven Bellovin | [Ballot Position Update] New position, Undefined, has been recorded for Steve Bellovin by Steve Bellovin |
|
2004-06-11
|
09 | Scott Hollenbeck | [Ballot Position Update] New position, Yes, has been recorded for Scott Hollenbeck |
|
2004-06-11
|
09 | Scott Hollenbeck | Ballot has been issued by Scott Hollenbeck |
|
2004-06-11
|
09 | Scott Hollenbeck | Created "Approve" ballot |
|
2004-06-09
|
09 | Scott Hollenbeck | Placed on agenda for telechat - 2004-06-24 by Scott Hollenbeck |
|
2004-06-09
|
09 | Scott Hollenbeck | State Changes to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup by Scott Hollenbeck |
|
2004-06-09
|
09 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2004-06-09
|
08 | (System) | New version available: draft-ietf-xmpp-e2e-08.txt |
|
2004-06-08
|
09 | Scott Hollenbeck | State Changes to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead by Scott Hollenbeck |
|
2004-04-23
|
09 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
|
2004-04-09
|
09 | Amy Vezza | Last call sent |
|
2004-04-09
|
09 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
|
2004-04-08
|
09 | Scott Hollenbeck | Last Call was requested by Scott Hollenbeck |
|
2004-04-08
|
09 | Scott Hollenbeck | State Changes to Last Call Requested from Last Call Requested by Scott Hollenbeck |
|
2004-04-08
|
09 | (System) | Ballot writeup text was added |
|
2004-04-08
|
09 | (System) | Last call text was added |
|
2004-04-08
|
09 | (System) | Ballot approval text was added |
|
2004-04-08
|
09 | Scott Hollenbeck | State Changes to Last Call Requested from AD is watching by Scott Hollenbeck |
|
2004-04-08
|
09 | Scott Hollenbeck | Section 1.3 (Intellectual Property Notice) of this document should be removed and instead sent to the IETF for inclusion on the IPR notice page: http://www.ietf.org/ipr.html … Section 1.3 (Intellectual Property Notice) of this document should be removed and instead sent to the IETF for inclusion on the IPR notice page: http://www.ietf.org/ipr.html The [XML-REG] reference is now RFC 3688. Section 9.1: has the media type description been sent to the IETF-types list for review and comment? I would also refer to section 8 in the "security considerations" portion of the template. Section 9.2: the registrant must be something more stable than an IETF working group. RFC 3688 says "In the case of IETF developed standards, the Registrant will be the IESG". Section 9.2: how will revisions to the elements in the namespace be supported over time? I've been bugging document authors lately about a lack of text describing how versioning will be addressed; this document is also missing detail describing what happens in the future if something needs to change. Will a new namespace be needed? How will backwards compatibility be addressed if/when the namespace changes? |
|
2004-04-08
|
09 | Scott Hollenbeck | Intended Status has been changed to Proposed Standard from None |
|
2004-04-07
|
09 | Scott Hollenbeck | State Change Notice email list have been change to presnick@qualcomm.com, lisa@osafoundation.org, stpeter@jabber.org from , |
|
2004-03-10
|
09 | Scott Hollenbeck | Shepherding AD has been changed to Scott Hollenbeck from Ted Hardie |
|
2004-01-09
|
07 | (System) | New version available: draft-ietf-xmpp-e2e-07.txt |
|
2004-01-06
|
(System) | Posted related IPR disclosure: Jabber, Inc. and Jabber Software Foundation's Joint Statement About IPR Claimed in Specifications Produced by the XMPP WG | |
|
2003-11-21
|
06 | (System) | New version available: draft-ietf-xmpp-e2e-06.txt |
|
2003-08-25
|
05 | (System) | New version available: draft-ietf-xmpp-e2e-05.txt |
|
2003-07-02
|
04 | (System) | New version available: draft-ietf-xmpp-e2e-04.txt |
|
2003-05-21
|
03 | (System) | New version available: draft-ietf-xmpp-e2e-03.txt |
|
2003-04-22
|
02 | (System) | New version available: draft-ietf-xmpp-e2e-02.txt |
|
2003-04-08
|
01 | (System) | New version available: draft-ietf-xmpp-e2e-01.txt |
|
2003-03-17
|
09 | Ted Hardie | Draft Added by Hardie, Ted |
|
2003-02-06
|
00 | (System) | New version available: draft-ietf-xmpp-e2e-00.txt |