--- 1/draft-ietf-hip-rfc6253-bis-07.txt 2016-04-22 01:16:17.483170667 -0700 +++ 2/draft-ietf-hip-rfc6253-bis-08.txt 2016-04-22 01:16:17.511171361 -0700 @@ -1,20 +1,20 @@ Host Identity Protocol T. Heer Internet-Draft Albstadt-Sigmaringen University Obsoletes: 6253 (if approved) S. Varjonen Updates: 7401 (if approved) University of Helsinki -Intended status: Standards Track February 26, 2016 -Expires: August 29, 2016 +Intended status: Standards Track April 22, 2016 +Expires: October 24, 2016 Host Identity Protocol Certificates - draft-ietf-hip-rfc6253-bis-07 + draft-ietf-hip-rfc6253-bis-08 Abstract The Certificate (CERT) parameter is a container for digital certificates. It is used for carrying these certificates in Host Identity Protocol (HIP) control packets. This document specifies the certificate parameter and the error signaling in case of a failed verification. Additionally, this document specifies the representations of Host Identity Tags in X.509 version 3 (v3). @@ -35,21 +35,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on August 29, 2016. + This Internet-Draft will expire on October 24, 2016. Copyright Notice Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect @@ -95,21 +95,21 @@ The CERT parameter can be used in all HIP packets. However, using it in the first Initiator (I1) packet is NOT RECOMMENDED because it can increase the processing times of I1s, which can be problematic when processing storms of I1s. Each HIP control packet MAY contain multiple CERT parameters each carrying one certificate. These parameters MAY be related or unrelated. Related certificates are managed in CERT groups. A CERT group specifies a group of related CERT parameters that SHOULD be interpreted in a certain order (e.g., for expressing certificate chains). Ungrouped certificates exhibit a unique CERT group field and set the CERT count to 1. CERT parameters - with the same CERT group number in the group field indicate a logical + with the same group number in the CERT group field indicate a logical grouping. The CERT count field indicates the number of CERT parameters in the group. CERT parameters that belong to the same CERT group MAY be contained in multiple sequential HIP control packets. This is indicated by a higher CERT count than the amount of CERT parameters with matching CERT group fields in a HIP control packet. The CERT parameters MUST be placed in ascending order, within a HIP control packet, according to their CERT group field. CERT groups MAY only span multiple packets if the CERT group does not fit the packet. A HIP packet MUST @@ -482,20 +482,24 @@ o Removed the SPKI references from the document. Changes from version 05 to 06: o Addressed the Int-Dir review comments from Korhonen. Changes from version 06 to 07: o Addressed the GenArt, OPSdir, SecDir, and IANA comments. + Changes from version 07 to 08: + + o Addresses one editorial nit for CERT group numbers. + Authors' Addresses Tobias Heer Albstadt-Sigmaringen University Poststr. 6 72458 Albstadt Germany Email: heer@hs-albsig.de