Issue 4481: AuthorityProviderInfo - supplementary info desirable                                                                                                                                                    (pki-ftf)
Source: OSM (Mr. Stephen McConnell, mcconnell@osm.net)
Nature: Uncategorized Issue
Severity: 
Summary: The AuthorityProviderInfo contains a set of information about the a
provider.
It is desirable that this be extended to include the public key of
the provider and URLs to provider specific information.

    valuetype AuthorityProviderInfo
    {
        public string standardVersion;
        public string standardDescription;
        public string productVersion;
        public string productDescription;
        public string productVendor;
        public PKI::CertificateInfoList supportedCertificates;
        public PKI::CRLInfoList supportedCRLs;
        public PKI::CertificateRequestInfoList supportedCertRequestTypes;
        public PKI::CertificateRevocationInfoList
supportedCertRevocationTypes;
        public PKI::KeyRecoveryInfoList supportedKeyRecoveryTypes;

        // proposed addition

        public PKI::Certificate publicKey;
        public string providerHomeURL;
        public string providerPublicKeyURL;
    };

These additions enable a consistent mechanism to (a) access a CA or RA
public
key, (b) provide a hint to an out-of-band mechanisms through which public
key
verification can be enacted, and (c) provide access to provider information
such as published certification policy, etc.

If there are not objections - I'll raise this as an FTF issue.
Resolution: see above
Revised Text: 
Actions taken:
August 14, 2001: received issue
July 5, 2002: closed issue
Discussion: 
Current struct 

    struct AuthorityProviderInfo { 
        string standard_version; 
        string standard_description; 
        string product_version; 
        string product_description; 
        string product_vendor; 
        PKI::CertificateInfoList supported_certificates; 
        PKI::CRLInfoList supported_crls; 
        PKI::CertificateRequestInfoList supported_cert_request_types; 
        PKI::CertificateRevocationInfo supported_cert_revocation_types; 
        PKI::KeyRecoveryInfoList supported_key_recovery_types; 
    }; 

Be changed to the following in IDL section A.2 PKIAuthority. In essence 
change to valuetype and add 3 new members (ie last 3): 

valuetype AuthorityProviderInfo { 
    public string standardVersion; 
    public string standardDescription; 
    public string productVersion; 
    public string productDescription; 
    public string productVendor; 
    public PKI::CertificateInfoList supportedCertificates; 
    public PKI::CRLInfoList supportedCRLs; 
    public PKI::CertificateRequestInfoList supportedCertRequestTypes; 
    public PKI::CertificateRevocationInfoList supportedCertRevocationTypes; 
    public PKI::KeyRecoveryInfoList supportedKeyRecoveryTypes; 

// proposed addition 
    public PKI::Certificate publicKey; 
    public string providerHomeURL; 
    public string providerPublicKeyURL; 
}; 


End of Annotations:=====
From: "Stephen McConnell" <mcconnell@osm.net>
To: "PKI" <pki-ftf@emerald.omg.org>
Subject: AuthorityProviderInfo - supplementary info desirable
Date: Tue, 14 Aug 2001 02:28:03 +0200
Message-ID: <000101c12457$faf528d0$0a01a8c0@osm.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.0810.800
Content-Type: text/plain;
	      charset="Windows-1252"
X-UIDL: ckNd9[g3!!M<kd9Vf1e9


The AuthorityProviderInfo contains a set of information about the a
provider.
It is desirable that this be extended to include the public key of
the provider and URLs to provider specific information.

    valuetype AuthorityProviderInfo
    {
        public string standardVersion;
        public string standardDescription;
        public string productVersion;
        public string productDescription;
        public string productVendor;
        public PKI::CertificateInfoList supportedCertificates;
        public PKI::CRLInfoList supportedCRLs;
        public PKI::CertificateRequestInfoList
    supportedCertRequestTypes;
        public PKI::CertificateRevocationInfoList
supportedCertRevocationTypes;
        public PKI::KeyRecoveryInfoList supportedKeyRecoveryTypes;

        // proposed addition

        public PKI::Certificate publicKey;
        public string providerHomeURL;
        public string providerPublicKeyURL;
    };

These additions enable a consistent mechanism to (a) access a CA or RA
public
key, (b) provide a hint to an out-of-band mechanisms through which
public
key
verification can be enacted, and (c) provide access to provider
information
such as published certification policy, etc.

If there are not objections - I'll raise this as an FTF issue.

Cheers, Steve.

Stephen J. McConnell, OSM sarl
digital products for global business
http://www.osm.net
mailto:mcconnell@osm.net


X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4
To: pmclaughlin@baltimore.com (Patrick McLaughlin),
   polar@adiron.com (Polar Humenn), gjarboe@promia.com (Gene Garboe),
   cwbinko@trcinc.com (Bill Binko), mcconnell@osm.net (Stephen
   McConnell),
   Ronald.Monzillo@east.sun.com (Ron Monzillo),
   gibson@dstc.edu.au (Simon Gibson),
   christopher_milsom@hp.com (Christopher Milsom),
   IBalabine@iona.com (Igor Balabine)
cc: pki-ftf@omg.org
Subject: Request Vote issue 4481
Mime-Version: 1.0
Date: Thu, 15 Nov 2001 14:24:29 +1000
From: Simon Gibson <gibson@dstc.qut.edu.au>
Content-Type: text/plain; charset=us-ascii
X-UIDL: 1%De9K@V!!KE+e9)Oid9

Issue 4481: AuthorityProviderInfo - supplementary info desirable
(pki-ftf)

Click here for this issue's archive.
Source: OSM (Mr. Stephen McConnell, mcconnell@osm.net)
Nature: Uncategorized Issue
Severity:

Summary: The AuthorityProviderInfo contains a set of information about
the a provider. It is desirable that this be extended to include the
public key of the provider and URLs to provider specific
information.

Proposed change:

Current struct 

    struct AuthorityProviderInfo {
        string standard_version;
        string standard_description;
        string product_version;
        string product_description;
        string product_vendor;
        PKI::CertificateInfoList supported_certificates;
        PKI::CRLInfoList supported_crls;
        PKI::CertificateRequestInfoList supported_cert_request_types;
        PKI::CertificateRevocationInfo
        supported_cert_revocation_types;
        PKI::KeyRecoveryInfoList supported_key_recovery_types;
    };

Be changed to the following in IDL section A.2 PKIAuthority. In
essence 
change to valuetype and add 3 new members (ie last 3):

valuetype AuthorityProviderInfo {
    public string standardVersion;
    public string standardDescription;
    public string productVersion;
    public string productDescription;
    public string productVendor;
    public PKI::CertificateInfoList supportedCertificates;
    public PKI::CRLInfoList supportedCRLs;
    public PKI::CertificateRequestInfoList supportedCertRequestTypes;
    public PKI::CertificateRevocationInfoList
    supportedCertRevocationTypes;
    public PKI::KeyRecoveryInfoList supportedKeyRecoveryTypes;

// proposed addition
    public PKI::Certificate publicKey;
    public string providerHomeURL;
    public string providerPublicKeyURL;
};