Re: [Trans] Draft agenda

Eran Messeri <eranm@google.com> Mon, 24 February 2014 20:42 UTC

From: Eran Messeri <eranm@google.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/-2OKafUxvjFMwqAX55VSDRXqiTU
Cc: "trans@ietf.org" <trans@ietf.org>, Melinda Shore <melinda.shore@gmail.com>, Ben Laurie <benl@google.com>
Subject: Re: [Trans] Draft agenda
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>

The part I proposed to put on the agenda was the general approach to
avoiding logging private subdomains.
Of the two proposed solutions in issue #20, only the 2nd option refers to
precertificates. We could still discuss the 1st one without discussing
precertificates at all.

There's the separate matter of precertificates and serial numbers. Given
the vibrant discussions around it on the list, it might as well be added to
the agenda.


On Mon, Feb 24, 2014 at 7:17 PM, Phillip Hallam-Baker <hallam@gmail.com> wrote:

> What exactly is a 'precertificate'? Either something is a cert or it is
> not.
>
> If it parses as an X.509v3 certificate then it is an X.509v3 certificate
> and that's an end to it.
>
> If it is not then it is probably a CSR which would seem to be the existing
> PKIX structure that fits its purpose.
>
>
>
>
> On Mon, Feb 24, 2014 at 1:21 PM, Ben Laurie <benl@google.com> wrote:
>
>> On 24 February 2014 17:52, Melinda Shore <melinda.shore@gmail.com> wrote:
>> > On 2/24/14 7:35 AM, Eran Messeri wrote:
>> >> I'll be happy to scribe half the session.
>> >
>> > Excellent - thank you.
>> >
>> >> As for the agenda, I'd like to suggest discussing handling of private
>> >> subdomains
>> >> <https://code.google.com/p/certificate-transparency/issues/detail?id=20>.
>> >> IMHO while the suggestion in the issue makes sense, it'd benefit from
>> >> another review to make sure it would work as intended and covers all
>> >> cases CAs are concerned about.
>> >
>> > That one looks to me like a hairball.  Right now it's a MUST
>> > in 5280 that a serial number be unique for each certificate
>> > issued by a CA.
>>
>> Precertificates already share serial numbers with certificates. The
>> intent of 5280 is not violated by this practice, but perhaps needs
>> amending to permit it.
>>
>
>
>
> --
> Website: http://hallambaker.com/
>