Hash Of Root Key Certificate Extension
draft-ietf-lamps-hash-of-root-key-cert-extn-07
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2019-08-22
|
07 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2019-08-20
|
07 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2019-08-19
|
07 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'Overtaken by Events' |
2019-08-19
|
07 | Gunter Van de Velde | Assignment of request for Last Call review by OPSDIR to Tim Wicinski was marked no-response |
2019-08-19
|
07 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2019-07-12
|
07 | (System) | RFC Editor state changed to EDIT |
2019-07-12
|
07 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2019-07-12
|
07 | (System) | Announcement was received by RFC Editor |
2019-07-11
|
07 | (System) | IANA Action state changed to No IANA Actions from In Progress |
2019-07-11
|
07 | (System) | IANA Action state changed to In Progress |
2019-07-11
|
07 | Cindy Morgan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2019-07-11
|
07 | Cindy Morgan | IESG has approved the document |
2019-07-11
|
07 | Cindy Morgan | Closed "Approve" ballot |
2019-07-11
|
07 | Cindy Morgan | Ballot approval text was generated |
2019-07-11
|
07 | Roman Danyliw | IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::AD Followup |
2019-07-11
|
07 | Roman Danyliw | IESG state changed to Approved-announcement to be sent::AD Followup from IESG Evaluation::AD Followup |
2019-06-29
|
07 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-07.txt |
2019-06-29
|
07 | (System) | New version approved |
2019-06-29
|
07 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-06-29
|
07 | Russ Housley | Uploaded new revision |
2019-06-28
|
06 | Benjamin Kaduk | [Ballot comment] Thank you for addressing my Discuss (and Comment) points! It looks like the ASN.1 module changes from the -05 to the -06 left … [Ballot comment] Thank you for addressing my Discuss (and Comment) points! It looks like the ASN.1 module changes from the -05 to the -06 left a stale definition of HashAlgorithmId (but if it is not stale then the import of DIGEST-ALGORITHM would need to be restored). |
2019-06-28
|
06 | Benjamin Kaduk | [Ballot Position Update] Position for Benjamin Kaduk has been changed to No Objection from Discuss |
2019-06-28
|
06 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2019-06-28
|
06 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2019-06-28
|
06 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-06.txt |
2019-06-28
|
06 | (System) | New version approved |
2019-06-28
|
06 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-06-28
|
06 | Russ Housley | Uploaded new revision |
2019-05-30
|
05 | Cindy Morgan | IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation |
2019-05-29
|
05 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
2019-05-29
|
05 | Benjamin Kaduk | [Ballot discuss] After further reflection, I think we need to resurrect the discussion sparked by DKG's last-call review. Specifically, in Section 5 when we consider … [Ballot discuss] After further reflection, I think we need to resurrect the discussion sparked by DKG's last-call review. Specifically, in Section 5 when we consider the case that there is not a directory service/repository available, we give guidance to "the recipient" and "recipients". But in at least some cases, there are two tiers of recipients/relying parties, that have different properties, as in the web PKI situation. Specifically, web server operators rely on root CAs to certify the certificates that they present to TLS clients. But we also consider the TLS clients themselves, which may not have a direct path to receiving the updated root CA self-signed certificate, and because of the different ways these different types of recipient rely on root CA information, the order in which they update can cause breakage. We do not necessarily need to present a clear solution that will always avoid this breakage, but I do think we need to at least discuss the possibility of such scenarios. To consider a concrete case, consider a system with a TLS client ("A"), a TLS server ("B"), and the root CA ("C"). C issues (potentially via intermediates) an end-entity certificate for B, and we consider a case where A initiates TLS connections to B. Initially, C has the root CA/key at C1, and is initiating a transition to C2; before the transition both A and B have C1 in their trusted store. When A receives C2, it can perform the requisite validation and add C2 to its trust store for use potentially validating incoming certificate chains. When B receives C2, it can similarly perform the requisite validation and add C2 to its trust store, but B's trust store is used for validating *outgoing* certificate chains, not (just) incoming ones. If B were to keep C2 in its trust store and construct an outgoing certificate chain based on C2 (and omitting oldWithNew and newWithOld), before A has received C2, then the TLS handshake fails! If A had access to C2, or to oldWithnew/NewWithOld, then it would still be able to validate B's certificate chain, but this document (and RFC 4210) do not give guidance that B should transmit newWithOld to A, leaving open this scenario for breakage. My current inclination is to add some text to this document acknowleding the potential for a chain of relying parties, and recommending that the "intermediate parties" in the scenario make newWithOld/oldWithNew available until the notAfter time from oldWithNew, but I am of course open to further discussion/suggestions. Separately, I just want to quickly check that the id-ce-hashOfRootKey OID has been properly allocated and recorded, as I couldn't find evidence to indicate that in a quick search. I assume this is the origin of the CTIA acknowledgment that Alissa mentions, but there's not quite enough there to connect the dots. |
2019-05-29
|
05 | Benjamin Kaduk | [Ballot comment] Section 1.1 Please use the boilerplate from RFC 8174 (yes, I read the shepherd writeup). Section 1.2 side note: this claim about "always … [Ballot comment] Section 1.1 Please use the boilerplate from RFC 8174 (yes, I read the shepherd writeup). Section 1.2 side note: this claim about "always encoded with DER" seems a bit optimistic unless scoped down to a specific context. Section 5 After issuing the oldWithNew and newWithOld certificates, the Root CA MUST stop using the old private key to sign certificates. Isn't this only relevant for newWithOld? We don't need to use the old private key to sign certificates to make a certification of the old key signed by the new key. Changing names from one generation to another can lead to confusion when reviewing the history of a trust anchor store. To assist with such review, a recipient MAY create an audit entry to capture the old and replacement self-signed certificates. It seems like there may be non-name changes that might also cause confusion (or worse); do we want to mention this possibility and/or the recipient's duty to check for unexpected changes? Section 6 I think some explicit guidance is needed about there being a critical operational issue in the (unexpected) case of the cryptographic breakdown of the hash function used to compute HashedRootKey. The current discussion of needing a hash function that is preimage-resistant is good, of course, but some indication of the consequences if a has function becomes bad during the course of use (or a bad hash function is chosen initially) seems to be in order. I also agree with the secdir reviewer that some guidance about how to know that the first trasition is complete would be nice (in the absence of the RFC 4210 transition process), but understand that such guidance is hard to give. |
2019-05-29
|
05 | Benjamin Kaduk | [Ballot Position Update] New position, Discuss, has been recorded for Benjamin Kaduk |
2019-05-29
|
05 | Warren Kumari | [Ballot comment] THank you for writing this -- I was initially fairly uncomfortable that this could be used if a CA's keys were ever compromised … [Ballot comment] THank you for writing this -- I was initially fairly uncomfortable that this could be used if a CA's keys were ever compromised by an attacker to persist their access (they could publish a new certificate to a captive population listing a new key which they control), but I *think* that this is addressed / is true of the current situation. Things like RFC5011 include hold-down timers to mitigate this type of isse, but I *think* that this isn't needed here, because this isn't (from what I parse) rollover, just an assertion of what to expect for the next key (delivered though some other means). |
2019-05-29
|
05 | Warren Kumari | [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari |
2019-05-29
|
05 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2019-05-28
|
05 | Alissa Cooper | [Ballot comment] The CTIA acknowledgement seems unusual since it doesn't acknowledge any actual contribution to the document. |
2019-05-28
|
05 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2019-05-28
|
05 | Barry Leiba | [Ballot comment] Useful stuff and well written; thanks very much. I, too, wonder why this isn't Proposed Standard (and why the shepherd writeup doesn't explain … [Ballot comment] Useful stuff and well written; thanks very much. I, too, wonder why this isn't Proposed Standard (and why the shepherd writeup doesn't explain that). |
2019-05-28
|
05 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
2019-05-28
|
05 | Martin Vigoureux | [Ballot Position Update] New position, No Objection, has been recorded for Martin Vigoureux |
2019-05-27
|
05 | Éric Vyncke | [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke |
2019-05-27
|
05 | Adam Montville | Request for Telechat review by SECDIR Completed: Ready. Reviewer: Adam Montville. Sent review to list. |
2019-05-24
|
05 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2019-05-23
|
05 | Tero Kivinen | Request for Telechat review by SECDIR is assigned to Adam Montville |
2019-05-23
|
05 | Tero Kivinen | Request for Telechat review by SECDIR is assigned to Adam Montville |
2019-05-22
|
05 | Mirja Kühlewind | [Ballot comment] Why is the intended status informational? Unfortunately, this is not further explained in the shepherd write-up. What was the discussion in the group … [Ballot comment] Why is the intended status informational? Unfortunately, this is not further explained in the shepherd write-up. What was the discussion in the group and why was informational selected? As this doc defines a protocol extension, informational does not seem appropriate for me. Should it be experimental instead? Quick question/comment: The document mentions two “error” cases where a new self-signed certificate needs to be deployed. If that is an option that always need to be taken into account, the benefits of this mechanism are less clear to me. What is the exact attack scenarios this mechanism tries to protect? |
2019-05-22
|
05 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2019-05-21
|
05 | Joel Halpern | Request for Telechat review by GENART Completed: Ready. Reviewer: Joel Halpern. Sent review to list. |
2019-05-21
|
05 | Jean Mahoney | Request for Telechat review by GENART is assigned to Joel Halpern |
2019-05-21
|
05 | Jean Mahoney | Request for Telechat review by GENART is assigned to Joel Halpern |
2019-05-21
|
05 | Roman Danyliw | IESG state changed to IESG Evaluation from Waiting for Writeup |
2019-05-21
|
05 | Magnus Westerlund | [Ballot comment] I would appreciate if one could explain why this document is being published as an informational one. I am sure there are reasons, … [Ballot comment] I would appreciate if one could explain why this document is being published as an informational one. I am sure there are reasons, but they are not evident from the writeup. |
2019-05-21
|
05 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded for Magnus Westerlund |
2019-05-20
|
05 | Amanda Baber | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2019-05-20
|
05 | Amy Vezza | Placed on agenda for telechat - 2019-05-30 |
2019-05-20
|
05 | Roman Danyliw | Ballot has been issued |
2019-05-20
|
05 | Roman Danyliw | [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw |
2019-05-20
|
05 | Roman Danyliw | Created "Approve" ballot |
2019-05-20
|
05 | Roman Danyliw | Ballot writeup was changed |
2019-05-20
|
05 | Roman Danyliw | Ballot approval text was generated |
2019-03-27
|
05 | Cindy Morgan | Shepherding AD changed to Roman Danyliw |
2019-03-24
|
05 | Russ Housley | Added to session: IETF-104: lamps Tue-1120 |
2019-01-31
|
05 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-05.txt |
2019-01-31
|
05 | (System) | New version approved |
2019-01-31
|
05 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2019-01-31
|
05 | Russ Housley | Uploaded new revision |
2019-01-15
|
04 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2019-01-15
|
04 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-04.txt |
2019-01-15
|
04 | (System) | New version approved |
2019-01-15
|
04 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2019-01-15
|
04 | Russ Housley | Uploaded new revision |
2019-01-10
|
03 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2019-01-08
|
03 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2019-01-08
|
03 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has reviewed draft-ietf-lamps-hash-of-root-key-cert-extn-02, which is currently in Last Call, and has the following comments: We … (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has reviewed draft-ietf-lamps-hash-of-root-key-cert-extn-02, which is currently in Last Call, and has the following comments: We understand that this document doesn't require any registry actions. While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, we do not object. If this assessment is not accurate, please respond as soon as possible. Thank you, Sabrina Tanamal Senior IANA Services Specialist |
2019-01-08
|
03 | Adam Montville | Request for Last Call review by SECDIR Completed: Ready. Reviewer: Adam Montville. Sent review to list. |
2019-01-04
|
03 | Joel Halpern | Request for Last Call review by GENART Completed: Almost Ready. Reviewer: Joel Halpern. Sent review to list. |
2019-01-03
|
03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2019-01-03
|
03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2019-01-03
|
03 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-03.txt |
2019-01-03
|
03 | (System) | New version approved |
2019-01-03
|
03 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2019-01-03
|
03 | Russ Housley | Uploaded new revision |
2019-01-03
|
02 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Tim Wicinski |
2019-01-03
|
02 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Tim Wicinski |
2019-01-03
|
02 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Adam Montville |
2019-01-03
|
02 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Adam Montville |
2018-12-27
|
02 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2018-12-27
|
02 | Cindy Morgan | The following Last Call announcement was sent out (ends 2019-01-10): From: The IESG To: IETF-Announce CC: lamps-chairs@ietf.org, ekr@rtfm.com, draft-ietf-lamps-hash-of-root-key-cert-extn@ietf.org, spasm@ietf.org, Tim … The following Last Call announcement was sent out (ends 2019-01-10): From: The IESG To: IETF-Announce CC: lamps-chairs@ietf.org, ekr@rtfm.com, draft-ietf-lamps-hash-of-root-key-cert-extn@ietf.org, spasm@ietf.org, Tim Hollebeek , tim.hollebeek@digicert.com Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Hash Of Root Key Certificate Extension) to Informational RFC The IESG has received a request from the Limited Additional Mechanisms for PKIX and SMIME WG (lamps) to consider the following document: - 'Hash Of Root Key Certificate Extension' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2019-01-10. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies the Hash Of Root Key certificate extension. This certificate extension is carried in the self-signed certificate for a trust anchor, which is often called a Root Certification Authority (CA) certificate. This certificate extension unambiguously identifies the next public key that will be used by the trust anchor at some point in the future. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-lamps-hash-of-root-key-cert-extn/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-lamps-hash-of-root-key-cert-extn/ballot/ No IPR declarations have been submitted directly on this I-D. |
2018-12-27
|
02 | Cindy Morgan | IESG state changed to In Last Call from Last Call Requested |
2018-12-27
|
02 | Eric Rescorla | Last call was requested |
2018-12-27
|
02 | Eric Rescorla | Last call announcement was generated |
2018-12-27
|
02 | Eric Rescorla | Ballot approval text was generated |
2018-12-27
|
02 | Eric Rescorla | Ballot writeup was generated |
2018-12-27
|
02 | Eric Rescorla | IESG state changed to Last Call Requested from AD Evaluation::AD Followup |
2018-12-27
|
02 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2018-12-27
|
02 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-02.txt |
2018-12-27
|
02 | (System) | New version approved |
2018-12-27
|
02 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2018-12-27
|
02 | Russ Housley | Uploaded new revision |
2018-12-21
|
01 | Eric Rescorla | IESG state changed to AD Evaluation::Revised I-D Needed from Publication Requested |
2018-11-28
|
01 | Tim Hollebeek | (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? … (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? Informational. Yes, the title page indicates that type of RFC. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary: This document specifies the Hash Of Root Key certificate extension. This certificate extension is carried in the self-signed certificate for a trust anchor, which is often called a Root Certification Authority (CA) certificate. This certificate extension unambiguously identifies the next public key that will be used by the trust anchor at some point in the future. Working Group Summary: There is consensus for this document in the LAMPS WG. Document Quality: This extension is part of the specifications that will be used in at least one new PKI. In addition, the Secure Electronic Transaction (SET) specification published by MasterCard and VISA in 1997 includes a very similar certificate extension. The SET certificate extension has essentially the same semantics, but the syntax fairly different. Personnel: Tim Hollebeek is the document shepherd. Eric Rescorla is the responsible area director. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. The document shepherd and other LAMPS WG participants reviewed the document during WG Last Call. All issues raised have been resolved. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No concerns. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No special review needed. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why? The author explicitly stated that he is unaware of any unexpired IPR related to this document. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been submitted against this Internet-Draft. (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? There is consensus for this Informational document in the LAMPS WG. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No one has threatened an appeal. (11) Identify any ID nits the Document Shepherd has found in this document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. IDnits 2.16.0 is reporting an error in the RFC 2119 boilerplate because there is not a space between the two references in "[RFC2119][RFC8174]". (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. None needed. (13) Have all references within this document been identified as either normative or informative? Yes, the references are divided into normative and informative. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? All references are already published. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. There are no downward references. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. Publication of this document will not change the status of any other document. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). No IANA updates or additions are needed. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. No new IANA registries are needed. (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. ASN.1 is used, and the module in Appendix A compiles without errors or warnings. |
2018-11-28
|
01 | Tim Hollebeek | Responsible AD changed to Eric Rescorla |
2018-11-28
|
01 | Tim Hollebeek | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2018-11-28
|
01 | Tim Hollebeek | IESG state changed to Publication Requested |
2018-11-28
|
01 | Tim Hollebeek | IESG process started in state Publication Requested |
2018-11-28
|
01 | Tim Hollebeek | Changed consensus to Yes from Unknown |
2018-11-28
|
01 | Tim Hollebeek | Changed document writeup |
2018-11-28
|
01 | Tim Hollebeek | Notification list changed to Tim Hollebeek <tim.hollebeek@digicert.com> |
2018-11-28
|
01 | Tim Hollebeek | Document shepherd changed to Tim Hollebeek |
2018-11-28
|
01 | Tim Hollebeek | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2018-11-12
|
01 | Tim Hollebeek | IETF WG state changed to In WG Last Call from WG Document |
2018-11-12
|
01 | Tim Hollebeek | Intended Status changed to Informational from None |
2018-11-07
|
01 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-01.txt |
2018-11-07
|
01 | (System) | New version approved |
2018-11-07
|
01 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2018-11-07
|
01 | Russ Housley | Uploaded new revision |
2018-09-04
|
00 | Tim Hollebeek | This document now replaces draft-housley-hash-of-root-key-cert-extn instead of None |
2018-09-04
|
00 | Russ Housley | New version available: draft-ietf-lamps-hash-of-root-key-cert-extn-00.txt |
2018-09-04
|
00 | (System) | WG -00 approved |
2018-08-31
|
00 | Russ Housley | Set submitter to "Russ Housley ", replaces to draft-housley-hash-of-root-key-cert-extn and sent approval email to group chairs: lamps-chairs@ietf.org |
2018-08-31
|
00 | Russ Housley | Uploaded new revision |