Brian E Carpenter wrote:
> I definitely recommend replacing lower-case "may" in a case like
> the one below.
Agreed.
> Perhaps:
>>> , and MUST NOT be
>>> enabled unless the JRC indicates support for them
Changed.
--
Michael Richardson
Final comments/actions on Toerless' awesome review.
The -13 is coming out soon, but we have 13 issues to resolve still.
>
-
> Section 8)
> a) First paragraph: Unvailable MASA is not a security but an
>
Comments on section 5, 6 and 7.
> --
> Section 5.4
> a) See comment for section 2.4.4 for where i think the first paragraph
> description should be.
There isn't a 2.4.4, so I'm not really sure I understand
MAX: please look for your name.
Toerless Eckert wrote:
> Section 5)
> a) Suggest changing the title to "Protocol Details (Pledge - Registrar
> - MASA / CA)"
> to distinguish from Section 4. Might consider also to move up section
renamed.
> b) MASA URI is
>
-
> Section 4. 1)
> a.1) Suggest to change title to "Proxying Details (Plege - Proxy -
> Registrar)" because the section does not only discuss the proxy but
> also the aspects/reqirements of
Sunday I was skiing (it didn't rain!) and this morning I was distracted by
another urgent matter, so I'll get another two hours to work on this now, and
then I'll post a new version of the draft before the deadline.
It is unlikely that I'll get through all your suggested edits, and I still
need
On 05/03/2018 00:04, Eliot Lear wrote:
> Hi,
>
> I'm not Max but I hope you won't mind me commenting in three places:
>
>
> On 02.03.18 23:59, Michael Richardson wrote:
>
>> Section 2.1
>>> a) The term "Request Join" is only used here, and its IMHO not very logical
>>> (disclaimer: toerless:
Hi,
I'm not Max but I hope you won't mind me commenting in three places:
On 02.03.18 23:59, Michael Richardson wrote:
> Section 2.1
>> a) The term "Request Join" is only used here, and its IMHO not very logical
>> (disclaimer: toerless: en.wikipedia.org/wiki/ESL). It sounds to me like the
>>
I would ideally like to begin the WGLC once I've posted the revised document
and then take any of your issues that I wasn't able to resolve as last call
comments (open issues on tools or github).
Toerless Eckert wrote:
> d)
> I am missing in the initial chapters a
Max, please search for QUESTION.
Toerless Eckert wrote:
> 1.) Introduction
>
> a) The intro of 1. is somehat confusing to the uninitiated.
>
> Suggest the followinf replacement text for two paragraps:
>
> BRSKI provides a solution for secure zero-touch (automated) bootstrap of
>
On Tue, Feb 20, 2018 at 10:00:10PM -0500, Michael Richardson wrote:
>
> Yes, that in the thread, where I referred to a thread back in January 2017,
> in which you were involved in coming up with the names.
>
> >> + , and may be
> >> + enabled only if the JRC indicates support for
Toerless Eckert wrote:
>> "Registrar". The term JRC is used in common with other bootstrap
>> mechanisms.
>>
>> + (Public) Key Infrastructure: The collection of systems and processes
>> + that sustain the activities of a public key system. In an
On Wed, Feb 21, 2018 at 02:45:12AM +, Max Pritikin (pritikin) wrote:
>
> The MASA is a certifier of vouchers. A voucher isn???t really a PKI construct
> today. Its more of a distribution of trust-anchor or ???pinned cert???
> construct used to bootstrap a PKI because the PKI???s don???t
Toerless Eckert wrote:
> Thanks, Michael
> Can't see a commit on github since 6 dyays ago, maybe in different branch
?
> Comments for now therefore inline against your email.
Yeah, it's on the toerless-terminology-comments branch.
About to be in -11.
--
Michael
> On Feb 20, 2018, at 7:38 PM, Toerless Eckert wrote:
>
> Thanks, Michael
> Can't see a commit on github since 6 dyays ago, maybe in different branch ?
> Comments for now therefore inline against your email.
>
> On Tue, Feb 20, 2018 at 07:54:40PM -0500, Michael Richardson
Toerless Eckert wrote:
> Overall:
> a) Requirements about EST:
> - The introduction says: "Integration with a complete EST enrollment is
> optional but trivial"
> - 5.8.3 says "The Pledge MUST request a new client certificate".
> - 1.4 says "bootstrapped
Max Pritikin (pritikin) wrote:
>>> b) Key infrastructure
>>
>>> There is no definition/reference for this term. Please describe on
>>> first use and in terminology. Is there a difference
>>> between "key infrastructure" and "keying material" ? If
On Thu, Feb 15, 2018 at 05:32:30PM +, Max Pritikin (pritikin) wrote:
> Certificates are a data format for encoding public keys and associated
> certifications (e.g. the CA signature) etc. I think this could reasonably be
> called data needed to establish a cryptographic security association.
> On Feb 15, 2018, at 10:14 AM, Toerless Eckert wrote:
>
> On Thu, Feb 15, 2018 at 04:06:33PM +, Max Pritikin (pritikin) wrote:
b) Key infrastructure
>>>
There is no definition/reference for this term. Please describe on
first use and in terminology. Is
On Thu, Feb 15, 2018 at 04:06:33PM +, Max Pritikin (pritikin) wrote:
> >> b) Key infrastructure
> >
> >> There is no definition/reference for this term. Please describe on
> >> first use and in terminology. Is there a difference
> >> between "key infrastructure" and "keying material" ?
> On Feb 14, 2018, at 7:45 PM, Michael Richardson wrote:
>
>
> Toerless Eckert wrote:
>> 1.2) Terminology:
>
>> a) vendor vs. manufacturer.
>
>> The document uses 48 times "vendor" and 13 times "manufacturer". Please
>> revisit this: If there is a
Toerless Eckert wrote:
> 1.2) Terminology:
> a) vendor vs. manufacturer.
> The document uses 48 times "vendor" and 13 times "manufacturer". Please
> revisit this: If there is a clear reason when/why to use vendor and
when/why
> to use the term
Hi Toerless,
thanks for this reminder about terminology in keyinfra.
I have made several attempts at explaining the authors the possible
misunderstandings on terminology.
Let's hope your input helps.
I will look at your other comments later this week.
Peter
b) Key infrastructure
There
23 matches
Mail list logo