FYI. Given problems we have seen in path validation and certificate revocation enforcement policies and practical features in grid software implementations, it might prove worthwhile to investigate and study this document, which I believe is now up for the RFC process. I'm not sure where discussion of this topic should take place. OGF? Yours, Alan Begin forwarded message:
From: The IESG <iesg-secretary@ietf.org> Date: September 25, 2007 2:06:25 PM CDT To: IETF-Announce <ietf-announce@ietf.org> Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc- editor@rfc-editor.org>, pkix mailing list <ietf-pkix@imc.org>, pkix chair <pkix-chairs@tools.ietf.org> Subject: Protocol Action: 'Server-based Certificate Validation Protocol (SCVP)' to Proposed Standard
The IESG has approved the following document:
- 'Server-based Certificate Validation Protocol (SCVP) ' <draft-ietf-pkix-scvp-33.txt> as a Proposed Standard
This document is the product of the Public-Key Infrastructure (X.509) Working Group.
The IESG contact persons are Sam Hartman and Tim Polk.
A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-pkix-scvp-33.txt
Technical Summary
SCVP allows a client to delegate certificate path construction and certificate path validation to a server. The path construction or validation (e.g., making sure that none of the certificates in the path are revoked) is performed according to a validation policy, which contains one or more trust anchors. It allows simplification of client implementations and use of a set of predefined validation policies.
Working Group Summary
The working group expressed consensus to advance the draft to Proposed Standard. Two participants raised concerns that this protocol did not meet all the requirements of RFC 3379 and introduced
significant new features. The working group investigated this claim and concluded that after minor revisions this document does meet the requirements and does not introduce significant new features.
Protocol Quality
This document has been reviewed by members of the ietf-pkix@imc.org mailing list and by the working group chairs. The protocol seems reasonable. This has been reviewed by Sam Hartman for the IESG.
Alan Sill, Ph.D TIGRE Senior Scientist, High Performance Computing Center Adjunct Professor of Physics TTU ==================================================================== : Alan Sill, Texas Tech University Office: Admin 233, MS 4-1167 : : e-mail: Alan.Sill@ttu.edu ph. 806-742-4350 fax 806-742-4358 : ====================================================================