IETF-SSH archive


RE: I-D ACTION:draft-ietf-secsh-transport-18.txt



Hi Scott,

I've opened Ticket #474: "WG - transport - x509v3-sign-*" from your
excellent catch.  The responses so far indicate that it's been well
discussed before so hopefully we can resolve this one quickly.

The instructions for the Issue Tracker are here:
  http://rt.psg.com/

Access to the Issue Tracker starts here:
  https://rt.psg.com/

If you're not one of the people who can open/close/modify tickets, then
your access is with
  username = ietf
  password = ietf

Thanks,
Chris

On Tue, 15 Jun 2004, Scott Rankin wrote:

> Sorry if this is already known. I couldn't look in the bug tracking system
> as it required a username and password.
>
> Just a couple questions.
>
> In section 6.6 Public Key Algorithms.
>
> x509v3-sign-rsa and x509v3-sign-dss are listed as "defined" formats. That
> said, I have been unable to find where these are defined (and there is no
> citation of this definition in this section).
>
> Perhaps this is why RFC2459 (and soon to be RFC3280 per earlier mails) was
> listed in the References at the end of the document?
>
> Is it RFC3280 or RFC3279 which defines x509v3-sign-rsa and x509v3-sign-dss?
>
> All the other public key algorithms have at least an additional sentence
> below the table of formats as well. Maybe that is all the document needs.
>
> I have scoured through the mailing list archives and the ietf pkix working
> group and secsh internet drafts and rfcs and have come up dry. Any thoughts?
>
>
> This sentence,
> "The key type MUST always be explicitly known (from algorithm
>    negotiation or some other source)" sounds awkward to me. I think it is
> the combination of MUST and always. It seems redundant.
>
>
> cheers,
> scott rankin
>


