⟦312360b11⟧

TextFile



CURRENT_MEETING_REPORT_


Reported by James Galvin/TIS

PEM I BOF Minutes

RFCs 1113, 1114 and 1115 are currently being revised.  During this
meeting, two new requirements that will be specified in the revised RFCs
were discussed.


   o Construction of distinguished names
   o Implementation requirements


The revised RFCs, more precisely RFC 1114, will be specifying the use of
mandatory, optional and prohibited attributes to be used in the
construction of distinguished names.  The reasons both for and against
the rules were discussed.  The principal reason in favor of the explicit
rules was enhancement of the assurance of the proper operation of the
certificate infrastructure.  The ability to recognize and distinguish
individual certificates from the those of a certification authority is a
desirable feature.  The principal reason against the explicit rules was
the concern about interoperability with directory services pilots and
the migration of PEM to use these services.  However, the discussion did
not yield a technical basis for the concern.

The revised RFCs, more precisely RFC 1114, will be specifying
requirements on implementations that directly affect the user interface.
Although it was agreed that security is enhanced if the requirements are
implemented, it was unanimously agreed there are other mechanisms by
which the ``concepts'' could be met.  There was a good deal of concern
about this issue.  The Chair was tasked with bringing the issue to the
attention of the Security Area Director and forwarding comments as
appropriate.

Attendees

James Galvin             galvin@tis.com
Anthony Lauck            lauck@tl.enet.dec.com
John Linn                ULTRA::LINN
E. Paul Love             loveep@sdsc.edu
Michael Reilly           reilly@pa.dec.com
Jeffrey Schiller         jis@mit.edu
Sam Sjogren              sjogren@tgv.com



                                   1
DataMuseum.dk

DKUUG/EUUG Conference tapes

⟦312360b11⟧ TextFile

Derivation

TextFile
