ESSCertIDv2 Update for RFC 3161
Draft of message to be sent after approval:
From: The IESG <email@example.com>
To: IETF-Announce <firstname.lastname@example.org>
Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, pkix mailing list <email@example.com>, pkix chair <firstname.lastname@example.org>
Subject: Protocol Action: 'ESSCertIDv2 update for RFC 3161' to Proposed Standard

The IESG has approved the following document:

- 'ESSCertIDv2 update for RFC 3161' <draft-ietf-pkix-rfc3161-update-09.txt> as a Proposed Standard

This document is the product of the Public-Key Infrastructure (X.509) Working Group. The IESG contact persons are Tim Polk and Pasi Eronen.

A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-pkix-rfc3161-update-09.txt

Technical Summary

The time stamping protocol defined in RFC 3161 requires that the CMS SignedData (RFC 3852), used to apply a digital signature on the time-stamp token, include a signed attribute that identifies the signer's certificate. This document updates RFC 3161 and allows the use of ESSCertIDv2 defined in RFC 5035 to specify the hash of a signer certificate when the hash is calculated with a function other than SHA-1. The update provided by this draft is motivated by interoperability concerns and to facilitate migration to other hash algorithms.

Work Group Summary

This draft is the second attempt by the PKIX working group to specify an update of RFC 3161 to accommodate the ESSCertIDv2 identifier in RFC 3161 time stamps. Prior to this draft, another author (Denis Pinkas) submitted a draft that would have replaced RFC 3161. The workgroup rejected this draft on the basis that it introduced many material changes to the original RFC that were not viewed as necessary. As a result, this very brief document was created to provide just the necessary updates of ESSCertIDv2.

The protocol update portions of this document were very simple and not controversial. The Security Considerations section proved to be a significant challenge, as WG members demonstrated different opinions regarding the nature and severity of the threat mitigated by this protocol update. There was also some disagreement over whether this threat was within the scope of this document. The WG agreed on the present wording after considerable debate.

Document Quality

The document is very brief and is clearly written.

Personnel

Steve Kent is the Document Shepherd and Tim Polk is the Responsible Area Director.
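
Added example, not part of the IESG message or of the draft: a minimal Python sketch of the signer-certificate check the Technical Summary describes, building an ESSCertIDv2 (without issuerSerial) and verifying its certHash against a certificate. It relies on the RFC 5035 definition, where hashAlgorithm defaults to SHA-256 and is therefore omitted in DER when SHA-256 is used; the function names and the sample certificate bytes are assumptions made for illustration.

```python
import hashlib
import hmac

# SHA-2 OIDs 2.16.840.1.101.3.4.2.{1,2,3}, DER content octets only.
OIDS = {"sha256": "608648016503040201",
        "sha384": "608648016503040202",
        "sha512": "608648016503040203"}
BY_OID = {bytes.fromhex(h): name for name, h in OIDS.items()}

# Constructed stand-in for the TSA certificate's DER bytes (not a real certificate).
SAMPLE_CERT = b"constructed-sample-tsa-certificate-der"

def tlv(tag, content):
    """DER tag-length-value for contents shorter than 128 bytes (enough here)."""
    if len(content) >= 0x80:
        raise ValueError("long-form length not needed for this example")
    return bytes([tag, len(content)]) + content

def read_tlv(buf, pos):
    """Return (tag, content, next_pos) for a short-form DER element."""
    if pos + 2 > len(buf) or buf[pos + 1] >= 0x80:
        raise ValueError("truncated or long-form element")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("truncated element")
    return buf[pos], buf[pos + 2:end], end

def encode_ess_cert_id_v2(cert_der, alg="sha256"):
    """ESSCertIDv2 without issuerSerial; hashAlgorithm omitted when it is the default."""
    digest = hashlib.new(alg, cert_der).digest()
    alg_id = b"" if alg == "sha256" else tlv(0x30, tlv(0x06, bytes.fromhex(OIDS[alg])))
    return tlv(0x30, alg_id + tlv(0x04, digest))

def check_ess_cert_id_v2(ess, cert_der):
    """Return (hash name, True if certHash matches cert_der)."""
    tag, body, _ = read_tlv(ess, 0)
    if tag != 0x30:
        raise ValueError("ESSCertIDv2 must be a SEQUENCE")
    tag, val, pos = read_tlv(body, 0)
    alg = "sha256"                      # DEFAULT applies when hashAlgorithm is absent
    if tag == 0x30:                     # explicit AlgorithmIdentifier
        oid_tag, oid, _ = read_tlv(val, 0)
        if oid_tag != 0x06 or oid not in BY_OID:
            raise ValueError("unsupported hash algorithm")
        alg = BY_OID[oid]
        tag, val, pos = read_tlv(body, pos)
    if tag != 0x04:
        raise ValueError("certHash must be an OCTET STRING")
    return alg, hmac.compare_digest(val, hashlib.new(alg, cert_der).digest())
```

A verifier that assumes hashAlgorithm is always present will reject the default SHA-256 encoding, which is the interoperability case the absent-field branch handles.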