Re: [therightkey] How many documents?
Phillip Hallam-Baker <hallam@gmail.com> Mon, 29 October 2012 18:53 UTC
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ben Laurie <benl@google.com>
Cc: "therightkey@ietf.org" <therightkey@ietf.org>, Rob Stradling <rob.stradling@comodo.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>

I very much doubt we will manage to get a finished spec with anything less
than four documents since I can't remember offhand any case when we have not.

But equally, I can't see a need for a split now. Going through four documents
rather than one is tedious.

In the longer term I see the parts of the spec that describe the notary
formats and structure as being potentially re-usable in other contexts and
that it will make sense to separate those out from the discussion of certs,
PKI and such.

On Mon, Oct 29, 2012 at 2:23 PM, Ben Laurie <benl@google.com> wrote:

> On 29 October 2012 11:58, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> >
> >
> > On 10/29/2012 11:18 AM, Rob Stradling wrote:
> >> On 29/10/12 11:06, Ben Laurie wrote:
> >>> On 29 October 2012 11:00, Rob Stradling <rob.stradling@comodo.com> wrote:
> >> <snip>
> >>>> I don't have a strong opinion about this, but I think it might make
> >>>> sense to split up the CT standardization effort into multiple
> >>>> documents, because different audiences will be interested in
> >>>> different aspects of CT. i.e.
> >>>>   - One document aimed at the people who will implement and/or
> >>>>     operate CT log servers.
> >>>>   - One document aimed at CAs who will implement pre-certs and/or
> >>>>     embed proofs into OCSP Responses.
> >>>>   - One document aimed at browser authors who will write code to
> >>>>     verify proofs.
> >>>>   - One document aimed at webserver authors who will need to
> >>>>     understand the importance of implementing RFC5878 and/or OCSP
> >>>>     Stapling (RFC6066).
> >>>>   - One document aimed at auditors who will need to know how to
> >>>>     verify that a CT log has not been compromised.
> >>>>   - One document aimed at domain owners who will need to know i) how
> >>>>     to discover if any certs have been misissued to their domain
> >>>>     names and ii) what to do about any detected misissuances.
> >>>
> >>> TBH, I disagree - the reason being that almost all of these documents
> >>> will be identical (i.e. describing the cryptographic structure of the
> >>> log) and the only differences will be which parts of the protocol they
> >>> use - some of which will inevitably overlap. Right now the document is
> >>> lacking a few of these areas, but it is by no means unwieldy. I think
> >>> splitting across multiple documents will create a lot of pointless
> >>> duplication and effort.
> >>
> >> OK, scrap that idea then. :-)
> >
> > Well.... maybe not quite so quickly. I think it's a real issue
> > that a single document might be difficult for all those audiences.
> >
> > Now, I don't think the IETF actually ought to try to address all of
> > those audiences, since RFCs are for the folks writing code, and
> > mostly not for auditors or CA/web site operators, though we do do
> > some of the latter sometimes.
>
> I should point out that in this context an auditor is a technical term
> - an agent that, given some alleged entries from a log, audits that
> the log actually contains those entries, or given an alleged past
> snapshot of the log audits that it is consistent with the current log.
> Clients may well be auditors, too, but technically the roles can be
> separated.
>
> > But I still wonder if 1 or >1 document is right, and as Ben says
> > the current draft is a bit sketchy in some areas that might or
> > might not be better separated out. Perhaps the right answer will
> > turn out to be to look at the draft later when those areas are
> > more developed, but I'm asking now anyway:-)
>
> I am still holding out for a single document :-)
>
> >
> >>>> Given the imminent closure of the PKIX WG, I'm tempted to also
> >>>> suggest...
> >>>>   - One document that will define requirements for "Effective
> >>>>     revocation mechanisms".
> >>>
> >>> Not against that at all, but it sounds like a different WG to me.
> >>
> >> Maybe so.
> >
> > Right, or a later milestone after a re-charter if we end up
> > with a WG. At this point, I'd guess that anyone wanting revocation
> > considered sooner would need to be yelling (and since they
> > haven't written an I-D, they'd need to be quite convincing as to
> > why yelling with no I-D is appropriate).
> >
> > S.
> >
> >
> _______________________________________________
> therightkey mailing list
> therightkey@ietf.org
> https://www.ietf.org/mailman/listinfo/therightkey
>

--
Website: http://hallambaker.com/