advancing rfc 5280 to draft standard
play

Advancing RFC 5280 to Draft Standard David Cooper 74 th IETF, March - PowerPoint PPT Presentation

Nov 23, 2022 •156 likes •245 views

Advancing RFC 5280 to Draft Standard David Cooper 74 th IETF, March 2009 Normative Down References 3454 Preparation of Internationalized Strings ("stringprep") 3490 Internationalizing Domain Names in Applications

  1. Advancing RFC 5280 to Draft Standard David Cooper 74 th IETF, March 2009

  2. Normative Down References ● 3454 – Preparation of Internationalized Strings ("stringprep") ● 3490 – Internationalizing Domain Names in Applications (IDNA) ● 3987 – Internationalized Resource Identifiers (IRIs) ● 4518 – Lightweight Directory Access Protocol (LDAP): Internationalized String Preparation 74 th IETF, March 2009

  3. Normative Down References ● 2585 – Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP. ● 4516 – Lightweight Directory Access Protocol (LDAP): Uniform Resource Locator ● 4523 – Lightweight Directory Access Protocol (LDAP) Schema Definitions for X.509 Certificates ● 5273 – Certificate Management over CMS (CMC): Transport Protocols [replaces reference to RFC 2797] 74 th IETF, March 2009

  4. authorityInfoAccess ● Requirement (for id-ad-caIssuers): – HTTP server implementations accessed via the URI SHOULD specify the media type application/pkix-cert [RFC2585] in the content-type header field of the response for a single DER encoded certificate and SHOULD specify the media type application/pkcs7-mime [RFC2797] in the content-type header field of the response for "certs-only" CMS messages. ● Most certificates point to a file with a “.crt” extension. The HTTP servers specify the media type application/x x509-ca-cert. ‑ ● Some web servers, by default, specify application/pkix cert for “.cer” and ‑ application/x x509 ca-cert for “.crt” and “.der”. ‑ ‑ 74 th IETF, March 2009

  5. User Notice policy Qualifier ● Requirement: – An explicitText field includes the textual statement directly in the certificate.... Conforming CAs SHOULD use the UTF8String encoding for explicitText, but MAY use IA5String. Conforming CAs MUST NOT encode explicitText as VisibleString or BMPString. ● Every certificate located encodes explicitText as VisibleString. ● Recommend changing requirement to permit use of VisibleString encoding. 74 th IETF, March 2009

  6. No Implementations Located * ● Indirect CRLs ● Delta-CRLs and FreshestCRL extension ● SIA extension with id ad timeStamping. ‑ ‑ ● SIA extension with id ad caRepository pointing ‑ ‑ to a single DER encoded certificate ● AIA extension in a CRL. ● AIA, SIA, or CDP extension with an FTP URI. * This list represents an inability to locate operational CAs that are issuing certificates or CRLs with these features, and thus is not an indication that CA software is incapable of issuing certificates or CRLs with these features. 74 th IETF, March 2009

  7. No Implementations Located ● Certificates with notAfter=99991231235959Z ● Clients that display contents of userNotice (other than certificate viewers) ● Name constraints on X.400 names or IP addresses ● InhibitAnyPolicy extension marked critical ● CRLs with an issuerAltName extension ● issuingDistributionPoint extension with onlySomeReasons present. 74 th IETF, March 2009

  8. Not Yet Tested ● Processing of internationalized names (per Section 7) ● Processing of name constraints on X.400 addresses ● Use of SIA extension for path discovery ● Use of AIA extension in a CRL for path discovery 74 th IETF, March 2009

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Project 5280-03-00/70 Sunset Lane to CTH V WIS 113 Dane County Public Involvement Meeting

Project 5280-03-00/70 Sunset Lane to CTH V WIS 113 Dane County Public Involvement Meeting

5280-03-00 WIS 113 Sunset Lane to CTH V Dane County Project 5280-03-00/70 Sunset Lane to CTH V WIS 113 Dane County Public Involvement Meeting August, 2020 Welcome to the online public involvement meeting for Project Design ID 5280-03-00

542 views • 25 slides
Rotary District 5280 SAG, Jody Leventhal Email address: JodyLeventhal@me.com } CommunicaCon is a

Rotary District 5280 SAG, Jody Leventhal Email address: JodyLeventhal@me.com } CommunicaCon is a

Rotary District 5280 SAG, Jody Leventhal Email address: JodyLeventhal@me.com } CommunicaCon is a big part of leadership } Build confidence and build teams } Find leaders one on one } Empower your chairs } Learn communicaCon styles } Upcoming

869 views • 57 slides
SIP Steps to Draft Standard Robert Sparks Tekelec What we would have to do Decide whether

SIP Steps to Draft Standard Robert Sparks Tekelec What we would have to do Decide whether

SIP Steps to Draft Standard Robert Sparks Tekelec What we would have to do Decide whether to try to progress or plan for a couple more cycles at Proposed Standard Decide on the size of the package to progress Understand and

397 views • 6 slides
LANCASHIRE HOLDINGS LIMITED AN INSURANCE COMPANY WITHOUT THE BLACK BOX Greg Porter Value X Vail

LANCASHIRE HOLDINGS LIMITED AN INSURANCE COMPANY WITHOUT THE BLACK BOX Greg Porter Value X Vail

LANCASHIRE HOLDINGS LIMITED AN INSURANCE COMPANY WITHOUT THE BLACK BOX Greg Porter Value X Vail President and CIO June 20, 2014 5280 Capital 2 5280 Capital Disclaimer These are my honest views as of today I have a position in

589 views • 25 slides
Draft NHS Standard Contract 2020/21 Audio presentation 3 of 4 New national policy initiatives

Draft NHS Standard Contract 2020/21 Audio presentation 3 of 4 New national policy initiatives

Draft NHS Standard Contract 2020/21 Audio presentation 3 of 4 New national policy initiatives included in the draft Contract for 2020/21 January 2020 Publications Approval Number 001456 NHS England and NHS Improvement Welcome This is the

564 views • 27 slides
1 DRAFT FOR DISCUSSION. SUBJECT FOR CHANGE. Vision for the Philippines 2 DRAFT FOR DISCUSSION.

1 DRAFT FOR DISCUSSION. SUBJECT FOR CHANGE. Vision for the Philippines 2 DRAFT FOR DISCUSSION.

DRAFT FOR DISCUSSION. SUBJECT FOR CHANGE. 1 DRAFT FOR DISCUSSION. SUBJECT FOR CHANGE. Vision for the Philippines 2 DRAFT FOR DISCUSSION. SUBJECT FOR CHANGE. Progress in achieving the 10-point socioeconomic agenda is advancing strongly. 3

1.15k views • 73 slides
2015 - Another year of growth DRAFT IPO Presentation A truly connected business 1 DRAFT IPO

2015 - Another year of growth DRAFT IPO Presentation A truly connected business 1 DRAFT IPO

2015 - Another year of growth DRAFT IPO Presentation A truly connected business 1 DRAFT IPO Presentation Our Vision To become the standard against which other similar companies are measured 2 DRAFT IPO Presentation PTSGs Current

564 views • 21 slides
Draft NHS Standard Contract 2020/21 Audio presentation 4 of 4 Changes affecting national

Draft NHS Standard Contract 2020/21 Audio presentation 4 of 4 Changes affecting national

Draft NHS Standard Contract 2020/21 Audio presentation 4 of 4 Changes affecting national standards and NHS business rules for 2020/21 January 2020 Publications Approval Number 001456 NHS England and NHS Improvement Welcome This is the

209 views • 16 slides
Advancing Quality Kay Holland Head of Performance, Planning and Contracting Advancing Quality

Advancing Quality Kay Holland Head of Performance, Planning and Contracting Advancing Quality

Advancing Quality Kay Holland Head of Performance, Planning and Contracting Advancing Quality aims to improve standards in NHS hospitals across the North West of England. The idea is, if every hospital achieves the Advancing Quality measures,

378 views • 6 slides
Hitchhikers Guide to SIP Jonathan Rosenberg Cisco Systems Problem Statement Enumeration of

Hitchhikers Guide to SIP Jonathan Rosenberg Cisco Systems Problem Statement Enumeration of

Hitchhikers Guide to SIP Jonathan Rosenberg Cisco Systems Problem Statement Enumeration of SIP-related standards for newbies and implementors Definition of Core SIP for purposes of advancing those documents to draft standard

500 views • 6 slides
draft-winter-opsawg-eap-metadata Why this work ? IETF has produced a great standard for

draft-winter-opsawg-eap-metadata Why this work ? IETF has produced a great standard for

IETF 89 opsawg meeting London, 04 Mar 2014 draft-winter-opsawg-eap-metadata Why this work ? IETF has produced a great standard for authentication : E xtensible A uthentication P rotocol EAP is a mere container, carries EAP Methods

92 views • 7 slides
Draft Revisiting Unemployment with an Intensive Margin Christine Braun University of Warwick

Draft Revisiting Unemployment with an Intensive Margin Christine Braun University of Warwick

Draft Revisiting Unemployment with an Intensive Margin Christine Braun University of Warwick Draft Motivation Unemployment Rate 16 Standard Continuous 12 8 4 1981 1985 1989 1993 1997 2001 2005 2009 2013 2017 2021 Draft

656 views • 41 slides
Draft NHS Standard Contract 2020/21 Audio presentation 1 of 4 Introduction to the Contract

Draft NHS Standard Contract 2020/21 Audio presentation 1 of 4 Introduction to the Contract

Draft NHS Standard Contract 2020/21 Audio presentation 1 of 4 Introduction to the Contract January 2020 Publications Approval Number 001456 NHS England and NHS Improvement Welcome This is the first of four audio presentations which we have

426 views • 21 slides
Windward Community College University of Hawaii 2009-2010 1 2 Build Build a R a Roc

Windward Community College University of Hawaii 2009-2010 1 2 Build Build a R a Roc

Windward Community College University of Hawaii 2009-2010 1 2 Build Build a R a Roc ocket et to be to be launc launched hed to to an an altitude altitude of of 5280 5280 ft. t. (1 1 mile) mile) Roc ocket et mus must t

863 views • 29 slides
Standard Configuration of DiffServ Service Classes at IETF83

Standard Configuration of DiffServ Service Classes at IETF83

Standard Configuration of DiffServ Service Classes at IETF83 draft-polk-tsvwg-rfc4594-update-00.txt draft-polk-tsvwg-new-dscp-assignments-00.txt 27 March 2012 James Polk (editor) Purpose of the drafts To specify DiffServ service class

252 views • 14 slides
Draft NHS Standard Contract 2020/21 Audio presentation 2 of 4 Local system collaboration and

Draft NHS Standard Contract 2020/21 Audio presentation 2 of 4 Local system collaboration and

Draft NHS Standard Contract 2020/21 Audio presentation 2 of 4 Local system collaboration and integration January 2020 Publications Approval Number 001456 NHS England and NHS Improvement Welcome This is the second of four audio

333 views • 19 slides
Goals for Today Learning Objective: Learn about directory structures Run through some

Goals for Today Learning Objective: Learn about directory structures Run through some

Goals for Today Learning Objective: Learn about directory structures Run through some disk performance exercises Announcements, etc: C4: I removed 2 papers from your reading list No longer need to read Multics Security Eval

421 views • 27 slides
DIRECTORY COHERENCE Mahdi Nazm Bojnordi Assistant Professor School of Computing University of

DIRECTORY COHERENCE Mahdi Nazm Bojnordi Assistant Professor School of Computing University of

DIRECTORY COHERENCE Mahdi Nazm Bojnordi Assistant Professor School of Computing University of Utah CS/ECE 7810: Advanced Computer Architecture Overview Upcoming deadline Tonight: project proposal This lecture Snooping wrap-up

482 views • 32 slides
The LDAP Directory Life After Sun A story of migration Alban MEUNIER IdM Senior consultant

The LDAP Directory Life After Sun A story of migration Alban MEUNIER IdM Senior consultant

The LDAP Directory Life After Sun A story of migration Alban MEUNIER IdM Senior consultant ameunier@smartwavesa.com www.smartwavesa.com Agenda Introduction Common layer Migrate a standalone instance Migrate a replicated infra

876 views • 32 slides
os Module Today File I/O from last time Behind the scenes, this module loads a module

os Module Today File I/O from last time Behind the scenes, this module loads a module

os Module Today File I/O from last time Behind the scenes, this module loads a module for your particular operating system Slides 38-48 The os and sys modules Regardless of your actual OS, Python imports os The exec()

346 views • 11 slides
Lecture 08: Networking services: theres no place like 127.0.0.1 Hands-on Unix system

Lecture 08: Networking services: theres no place like 127.0.0.1 Hands-on Unix system

Lecture 08: Networking services: theres no place like 127.0.0.1 Hands-on Unix system administration DeCal 2012-10-15 1 / 22 DNS About DNS Common DNS records Other DNS records Networking DNS SSH Network users 2 / 22 About

594 views • 22 slides
UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity System UCSBnetID authentication UCSB-wide student and employee info http://www.identity.ucsb.edu/ LDAP Overview Lightweight Directory Access Protocol

604 views • 24 slides
D ISTRIBUTED S YSTEMS [COMP9243] Lecture 8a: Naming Basic Concepts Naming Services

D ISTRIBUTED S YSTEMS [COMP9243] Lecture 8a: Naming Basic Concepts Naming Services

D ISTRIBUTED S YSTEMS [COMP9243] Lecture 8a: Naming Basic Concepts Naming Services Attribute-based Naming (aka Directory Services) Distributed hash tables D ISTRIBUTED S YSTEMS [COMP9243] 1 W HAT IS N AMING ? Systems manage a wide

591 views • 40 slides
Distributed File Systems Early networking and files Had FTP to transfer files Telnet to

Distributed File Systems Early networking and files Had FTP to transfer files Telnet to

4/4/2014 Distributed File Systems Early networking and files Had FTP to transfer files Telnet to remote login to other systems with files Distributed Computing Systems But want more transparency! local computing with remote

532 views • 16 slides

More recommend