draft-ietf-hip-rfc6253-bis-07.txt   draft-ietf-hip-rfc6253-bis-08.txt 
Host Identity Protocol T. Heer Host Identity Protocol T. Heer
Internet-Draft Albstadt-Sigmaringen University Internet-Draft Albstadt-Sigmaringen University
Obsoletes: 6253 (if approved) S. Varjonen Obsoletes: 6253 (if approved) S. Varjonen
Updates: 7401 (if approved) University of Helsinki Updates: 7401 (if approved) University of Helsinki
Intended status: Standards Track February 26, 2016 Intended status: Standards Track April 22, 2016
Expires: August 29, 2016 Expires: October 24, 2016
Host Identity Protocol Certificates Host Identity Protocol Certificates
draft-ietf-hip-rfc6253-bis-07 draft-ietf-hip-rfc6253-bis-08
Abstract Abstract
The Certificate (CERT) parameter is a container for digital The Certificate (CERT) parameter is a container for digital
certificates. It is used for carrying these certificates in Host certificates. It is used for carrying these certificates in Host
Identity Protocol (HIP) control packets. This document specifies the Identity Protocol (HIP) control packets. This document specifies the
certificate parameter and the error signaling in case of a failed certificate parameter and the error signaling in case of a failed
verification. Additionally, this document specifies the verification. Additionally, this document specifies the
representations of Host Identity Tags in X.509 version 3 (v3). representations of Host Identity Tags in X.509 version 3 (v3).
skipping to change at page 1, line 46 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 29, 2016. This Internet-Draft will expire on October 24, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
skipping to change at page 3, line 15 skipping to change at page 3, line 15
The CERT parameter can be used in all HIP packets. However, using it The CERT parameter can be used in all HIP packets. However, using it
in the first Initiator (I1) packet is NOT RECOMMENDED because it can in the first Initiator (I1) packet is NOT RECOMMENDED because it can
increase the processing times of I1s, which can be problematic when increase the processing times of I1s, which can be problematic when
processing storms of I1s. Each HIP control packet MAY contain processing storms of I1s. Each HIP control packet MAY contain
multiple CERT parameters each carrying one certificate. These multiple CERT parameters each carrying one certificate. These
parameters MAY be related or unrelated. Related certificates are parameters MAY be related or unrelated. Related certificates are
managed in CERT groups. A CERT group specifies a group of related managed in CERT groups. A CERT group specifies a group of related
CERT parameters that SHOULD be interpreted in a certain order (e.g., CERT parameters that SHOULD be interpreted in a certain order (e.g.,
for expressing certificate chains). Ungrouped certificates exhibit a for expressing certificate chains). Ungrouped certificates exhibit a
unique CERT group field and set the CERT count to 1. CERT parameters unique CERT group field and set the CERT count to 1. CERT parameters
with the same CERT group number in the group field indicate a logical with the same group number in the CERT group field indicate a logical
grouping. The CERT count field indicates the number of CERT grouping. The CERT count field indicates the number of CERT
parameters in the group. parameters in the group.
CERT parameters that belong to the same CERT group MAY be contained CERT parameters that belong to the same CERT group MAY be contained
in multiple sequential HIP control packets. This is indicated by a in multiple sequential HIP control packets. This is indicated by a
higher CERT count than the amount of CERT parameters with matching higher CERT count than the amount of CERT parameters with matching
CERT group fields in a HIP control packet. The CERT parameters MUST CERT group fields in a HIP control packet. The CERT parameters MUST
be placed in ascending order, within a HIP control packet, according be placed in ascending order, within a HIP control packet, according
to their CERT group field. CERT groups MAY only span multiple to their CERT group field. CERT groups MAY only span multiple
packets if the CERT group does not fit the packet. A HIP packet MUST packets if the CERT group does not fit the packet. A HIP packet MUST
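Review bot: The sentence directly before the reworded line still reads "Ungrouped certificates exhibit a unique CERT group field", which conflates the field with the value it carries. The 08 wording ("the same group number in the CERT group field") makes that distinction, so the preceding sentence should match, for example "Ungrouped certificates carry a unique group number in the CERT group field and set the CERT count to 1." Separately, "CERT groups MAY only span multiple packets if" is unchanged in both versions and states a restriction with a permissive keyword; "MUST NOT span multiple packets unless the CERT group does not fit the packet" would give a receiver that reassembles groups across packets an unambiguous rule.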
skipping to change at page 11, line 17 skipping to change at page 11, line 17
o Removed the SPKI references from the document. o Removed the SPKI references from the document.
Changes from version 05 to 06: Changes from version 05 to 06:
o Addressed the Int-Dir review comments from Korhonen. o Addressed the Int-Dir review comments from Korhonen.
Changes from version 06 to 07: Changes from version 06 to 07:
o Addressed the GenArt, OPSdir, SecDir, and IANA comments. o Addressed the GenArt, OPSdir, SecDir, and IANA comments.
Changes from version 07 to 08:
o Addresses one editorial nit for CERT group numbers.
Authors' Addresses Authors' Addresses
Tobias Heer Tobias Heer
Albstadt-Sigmaringen University Albstadt-Sigmaringen University
Poststr. 6 Poststr. 6
72458 Albstadt 72458 Albstadt
Germany Germany
Email: heer@hs-albsig.de Email: heer@hs-albsig.de
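Review bot: The new changelog entry "Addresses one editorial nit for CERT group numbers." uses the present tense, while the visible entries for 05 to 06 and 06 to 07 use "Addressed" and the earlier one uses "Removed". Change it to "Addressed one editorial nit for CERT group numbers." for consistency.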
 End of changes. 5 change blocks. 
5 lines changed or deleted 9 lines changed or added
