Presentation is loading. Please wait.

Presentation is loading. Please wait.

Brian Tung Issues List by Jeff Hutzelman

Published byConrad Bridges Modified over 8 years ago

Similar presentations

Presentation on theme: "Brian Tung Issues List by Jeff Hutzelman"— Presentation transcript:

1 Brian Tung brian@isi.edu Issues List by Jeff Hutzelman
PKINIT20 Brian Tung Issues List by Jeff Hutzelman

2 Major Issues OPEN 013 – OCSP and optional revocation information
Merge spec into PKINIT or submit as separate draft? OPEN DH key derivation OPEN Which encoding - DER vs BER? (Love #2) DER would be consistent, but some objects could be BER? OPEN 035 – Wrap CMS objects in OCTET STRINGs? Change to on-the-wire protocol? Does using IMPLICIT OCTET STRING avoid this?

3 Questions OPEN 020 - Unauthenticated plaintext issues
OPEN Nonce type? Does this have to do with recommended sizes for nonce? Check for consistency with clarifications? XXXX What key should the reply be enveloped with in the encKey case? (Love #1) OPEN subjectAltName/OtherName issues (Love #7) Changed again with PKINIT20

4 More Questions NEW 038 - DH groups selection
Move from RFC 2409 groups 1/2 to RFC 3526 OPEN Root CA cert in chain? OPEN encryption certificate change not protected Does this refer to removing legacy text?

5 Editorial DONE 002 - REMOVE use of raw public keys
XXXX Security of cached DH values and use of a nonce Zero nonce OK? XXXX Confirm alignment with CMS OPEN Confirm alignment with clarifications What remains? OPEN Update PA types

6 More Editorial OPEN 021 - TrustedCAs context tags broken (Love #5)
Does anything remain? OPEN cname mapping proposal Did Larry submit a mapping proposal? OPEN Unconstrained Integers (Love #6) Is this related to nonce type issue? (028) NEW ASN.1 module inconsistency

Download ppt "Brian Tung Issues List by Jeff Hutzelman"

Similar presentations

A Profile for Trust Anchor Material for the Resource Certificate PKI Geoff Huston SIDR WG IETF 74.

A Profile for Trust Anchor Material for the Resource Certificate PKI Geoff Huston SIDR WG IETF 74.
Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Dynamic Symmetric Key Provisioning Protocol (DSKPP)
CSCE 815 Network Security Lecture 10 KerberosX.509 February 13, 2003.

CSCE 815 Network Security Lecture 10 KerberosX.509 February 13, 2003.
Pk-init-21.txt Brian Tung Issues Believed Closed 499 (007): Refs1510bis  Clarifications 513 (021): Context tag inconsistency in TrustedCAs.

Pk-init-21.txt Brian Tung Issues Believed Closed 499 (007): Refs1510bis  Clarifications 513 (021): Context tag inconsistency in TrustedCAs.
SIP Working Group Jonathan Rosenberg dynamicsoft.

SIP Working Group Jonathan Rosenberg dynamicsoft.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format

Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format
SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.

SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.
Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Certificates.

Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Certificates.
Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.

Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.
AUTHENTICATION APPLICATIONS - Chapter 14 Kerberos X.509 Directory Authentication (S/MIME)

AUTHENTICATION APPLICATIONS - Chapter 14 Kerberos X.509 Directory Authentication (S/MIME)
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
CA Key 1 Created OCSP Cert 1 Client Cert 1 Client Cert 2 OCSP Cert 2 CA Key 2 Created CA Key 1 Expiration OCSP Cert 3 Client Cert.

CA Key 1 Created OCSP Cert 1 Client Cert 1 Client Cert 2 OCSP Cert 2 CA Key 2 Created CA Key 1 Expiration OCSP Cert 3 Client Cert.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
1 Update on draft-ietf-smime-cades-02. 2 Current Status Completed last call. Under review by IESG. Comments to be incorporated: –From Pavel Smirnov (during.

1 Update on draft-ietf-smime-cades Current Status Completed last call. Under review by IESG. Comments to be incorporated: –From Pavel Smirnov (during.
S/MIME and CMS Presentation for CSE712 By Yi Wen Instructor: Dr. Aidong Zhang.

S/MIME and CMS Presentation for CSE712 By Yi Wen Instructor: Dr. Aidong Zhang.
TLS 1.2 and NIST SP 800-56A Tim Polk November 10, 2006.

TLS 1.2 and NIST SP A Tim Polk November 10, 2006.
XML Signature Prabath Siriwardena Director, Security Architecture.

XML Signature Prabath Siriwardena Director, Security Architecture.

Similar presentations

Ads by Google