Re: [Trans] defining "mis-issuance"

Rob Stradling <rob.stradling@comodo.com> Wed, 01 October 2014 15:33 UTC

Return-Path: <rob.stradling@comodo.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24C031A1A12 for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 08:33:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.11
X-Spam-Level:
X-Spam-Status: No, score=0.11 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, HELO_MISMATCH_NET=0.611, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q5cwxefn5zPK for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 08:32:59 -0700 (PDT)
Received: from ian.brad.office.comodo.net (eth5.brad-fw.brad.office.ccanet.co.uk [178.255.87.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E287A1ACE57 for <trans@ietf.org>; Wed, 1 Oct 2014 08:32:56 -0700 (PDT)
Received: (qmail 6351 invoked by uid 1000); 1 Oct 2014 15:32:55 -0000
Received: from and0004.comodo.net (HELO [192.168.0.58]) (192.168.0.58) (smtp-auth username rob, mechanism plain) by ian.brad.office.comodo.net (qpsmtpd/0.40) with (AES128-SHA encrypted) ESMTPSA; Wed, 01 Oct 2014 16:32:55 +0100
Message-ID: <542C1EA6.8050106@comodo.com>
Date: Wed, 01 Oct 2014 16:32:54 +0100
From: Rob Stradling <rob.stradling@comodo.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Thunderbird/31.1.1
MIME-Version: 1.0
To: Stephen Kent <kent@bbn.com>, "trans@ietf.org" <trans@ietf.org>
References: <542477E3.8070304@bbn.com><544B0DD62A64C1448B2DA253C011414607D1628D70@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM><542971A7.7030700@bbn.com><544B0DD62A64C1448B2DA253C011414607D174DEB1@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <542C1846.7060303@bbn.com>
In-Reply-To: <542C1846.7060303@bbn.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/39tRPlR0avJ0Mx82X1lNymuX9W8
Subject: Re: [Trans] defining "mis-issuance"
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Oct 2014 15:33:01 -0000

On 01/10/14 16:05, Stephen Kent wrote:
<snip>
> Rick,
<snip>
> Still, your point is a good one.  We could push the syntax checking back
> to Monitors, but then we loose the ability to provide immediate feedback
> to CAs that are issuing syntactically malformed certs. I'll have to think
> more about this issue.

Stephen,
The "ability to provide immediate feedback to CAs that are issuing 
syntactically malformed certs" sounds like a nice idea, but surely this 
could be implemented as a stand-alone application or web service?
Why would you want it to be an intrinsic part of CT?

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online