SCVP 18

1

• SCVP 18
• Tim Polk

2
Mea Culpa

• Draft -19 omits some promised changes from the
  March IETF meeting
• Document management problems compounded by ID
  submission deadline
• Draft -20 is ready and available from NIST web
  site

3
Summary of Changes Since -18

• Revised key usages syntax
• Revised requestorRef syntax from general name to
  OCTET STRING
• Defined ordering for additional certificates
  required to support CRL validation when included
  in a replyWantBack

4
Status With Respect to 3379

• 3379 requires ability to return SCVP responses
  along with other proofs, but current format omits
  this possibility
• Editors will revise to meet 3379 requirements
• 3379 states that the protocol should support thin
  clients, but client conformance requirements are
  unclear
• E.g., is a client that can only request status
  for one certificate at a time, and does not
  support optional fields in the request
  conformant?
• Conformance requirements should be
  established/clarified to include relatively thin
  clients

5
Open Issues

• A number of additional issues have been raised,
  but WG consensus has not been demonstrated
• Syntax
• Explicit tagging, BIT STRING vs. Booleans, DER
  vs. BER, etc.
• Conformance requirements for thin clients

6
Proposed Way forward

• Draft -20 officially submitted ASAP
• Hall meetings to resolve open issues if possible
• Draft -21 to satisfy RFC 3379 requirements (and
  any issues that we can resolve)
• Joint submission of perceived open issues to WG
  Chair (Steve Kent) and request determination of
  WG consensus
• Draft -22 (if necessary) is forwarded to IESG