The IESG has approved the following document:
- 'OCSP Usage for Secure Telephone Identity Certificates'
  (draft-ietf-stir-certificates-ocsp-14.txt) as Proposed Standard

This document is the product of the Secure Telephone Identity Revisited
Working Group.

The IESG contact persons are Andy Newton, Charles Eckel and Deb Cooley.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-stir-certificates-ocsp/




Technical Summary

   When certificates are used as credentials to attest the assignment or
   ownership of telephone numbers, some mechanism is required to convey
   certificate freshness to relying parties.  Certififcate Revocation
   Lists (CRLs) are commonly used for this purpose, but for certain
   classes of certificates, including delegate certificates conveying
   their scope of authority by-reference in Secure Telephone Identity
   Revisited (STIR) systems, they may not be aligned with the needs of
   relying parties.  This document specifies the use of the Online
   Certificate Status Protocol (OCSP) as a means of retrieving real-time
   status information about such certificates, defining new extensions
   to compensate for the dynamism of telephone number assignments.

Working Group Summary

   Was there anything in the WG process that is worth noting?
   For example, was there controversy about particular points 
   or were there decisions where the consensus was
   particularly rough? 

     There were no major controversies, but the group did go back and forth 
about
     whether to include stapling in this document or to leave it for future 
work. The
     final consensus was to include stapling in this document.

Document Quality

   Are there existing implementations of the protocol?  Have a 
   significant number of vendors indicated their plan to
   implement the specification?  Are there any reviewers that
   merit special mention as having done a thorough review,
   e.g., one that resulted in important changes or a
   conclusion that the document had no substantive issues?  If
   there was a MIB Doctor, Media Type, or other Expert Review,
   what was its course (briefly)?  In the case of a Media Type
   Review, on what date was the request posted?

    The biggest consumer of STIR documents is US telephony carrier industry, as
    represented the ATIS/SIP Forum joint IP-NNI task force. That task force 
creates
    standards and architectures that incorporate STIR standards. At the time 
most of
    this work was done, IP-NNI was expected to use OCSP in their certificate
    delegation standard. Since then, IP-NNI has chosen not to use OCSP at this 
time,
    and instead recommends short-lived certificates. In the shepherd's
    opinion, it is possible (and maybe even likely) that they will incorporate 
OCSP
    in the future. There is still STIR working group consensus to publish.

Personnel

   The Document Shepherd for this document is Ben Campbell. 
   The Responsible Area Director is Orie Steele.

_______________________________________________
IETF-Announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to