Review for media types: application/ibe-pp-data, application/ibe-key-request+xml, and application/ibe-pkg-reply+xml

[Mark Baker]

On Fri, Oct 3, 2008 at 2:03 PM, Luther Martin <martin at voltage.com> wrote:
>> -----Original Message-----
>> From: mark at coactus.com [mailto:mark at coactus.com] On Behalf Of Mark
>> Baker
>> > This is certainly true, but they do define media types for
>> cryptographic keys and related information, which is the proposed use
>> of application/ibe-key-request and application/ibe-pkg-reply. The
>> application/ibe-key-request is used much like the application/pkcs10
>> and the application/ibe-pkg-reply is used much like an
>> application/pkcs7-mime type: the first of the two is used for a
>> certificate signing request and the second is used for the resulting
>> certificate. In the case of this draft, one media type is used for a
>> private key request and another for the resulting private key.
>>
>> I understand that there are similarities.  My concern regards one of
>> the differences.
>
> I guess that I just don't understand your concern about the differences.
>
> The contents of a application/pkcs10 message are a public key and an identity.
>
> In the case of IBE, the public key is the identity, so the content of the proposed application/ibe-key-request is really just a subset of what's encoded with application/pkcs10. (It's not-self signed, etc., but that's really a minor difference.)
>
> What's the fundamental difference between these two that warrants greatly different processing?

It's the two mandatory media type parameters as described in sec 5.4,
and (unmentioned until now) the mandatory parameter in 5.7.

Mark.