Re: [TLS] comments on draft-subcerts

Russ Housley <housley@vigilsec.com> Fri, 14 August 2020 16:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/CT39TJvwO8lrfo9ayQiCOWQjklQ>

I have two comments:

1) The OID assignment for the ASN.1 module was assigned already by IANA.  Please fill it in.

2) I think it would be very helpful to have an example of the extension in an Appendix.  There was discussion on the list about it, and an error was found in the proposed example, which proves the need for an example.

Russ