[Trans] RFC6962 BIS Log file encodings.
Phillip Hallam-Baker <hallam@gmail.com> Thu, 13 March 2014 17:29 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 530911A0A39 for <trans@ietfa.amsl.com>; Thu, 13 Mar 2014 10:29:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NQYygu44vpQK for <trans@ietfa.amsl.com>; Thu, 13 Mar 2014 10:29:21 -0700 (PDT)
Received: from mail-la0-x22a.google.com (mail-la0-x22a.google.com [IPv6:2a00:1450:4010:c03::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 7FF601A0A36 for <trans@ietf.org>; Thu, 13 Mar 2014 10:29:21 -0700 (PDT)
Received: by mail-la0-f42.google.com with SMTP id ec20so937436lab.29 for <trans@ietf.org>; Thu, 13 Mar 2014 10:29:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=EOB7ySd8zhdVjnhHMElDHHmo1ASJ01kWG+Hu3XkjZ9U=; b=o8BW9FSO158jFhf6v0+znxFgnWsgbCVkR6Nh2mDzSkW6z2Y5x3u3ANC1k7FqL3DsDj i2xFp62fLeWWHBnQNc3WH6LG0rJk1yfqmDs3RNtVDz+eAQLiw5YpEUQOa4zPfWLWXuJH 2hx5UV97lxjT8wcuq/AP/x8UtRxYXUVUIu7oTmPx5iFJZyQQDS5YczqZRDIRVI9l8ZI0 /qramwTn2zSnEzgUrsOXo/cD4hMrmT/gZqAqJX7UDV8I922cAm5d1gxsSdMbfl+gVIfs Kzc7Amqf3Yb3YYz1YGEcSQHUk3/o4q23zEEoIYCUza5azou6RGRdPaFkPbAOw+4/h2XB mPnQ==
MIME-Version: 1.0
X-Received: by 10.152.18.135 with SMTP id w7mr2089514lad.29.1394731754401; Thu, 13 Mar 2014 10:29:14 -0700 (PDT)
Received: by 10.112.234.229 with HTTP; Thu, 13 Mar 2014 10:29:14 -0700 (PDT)
Date: Thu, 13 Mar 2014 13:29:14 -0400
Message-ID: <CAMm+Lwjy7gMphsfByROYP2WDTvP4nVkCQPj=oHkVFr=AQv=qjw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: "trans@ietf.org" <trans@ietf.org>
Content-Type: multipart/alternative; boundary="089e0141a7dac7353b04f4804ab8"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/3gIvnpc20QfR-Dj09y6W5tyhRFs
Subject: [Trans] RFC6962 BIS Log file encodings.
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Mar 2014 17:29:25 -0000
I am trying to make sense of the log file encoding (section 3). this does not seem to me to be properly or clearly specified. RFC6962 punts the encoding question to RFC5246 but this only helps somewhat because the description there is atrocious. In particular it is implicit in the text that digitaly-signed is equivalent to the ASN.1 macro. But this isn't actually explained anywhere in section 4 of 5246. So as a result there is no information on where the signature appears in the data stream, does it precede or follow the signed data? This is quite problematic because in the TLS use the signed data does not appear on the wire at all, the construct is used in client auth when the prior handshake is signed so there is no need to retransmit the data. It looks to me like the idea here is that the SCT does not need to include the certificate or precertificate data because the corresponding signed data will always be implicit from the mode of use. But that needs to be clearly stated. At the moment the specification is assuming that the reader has a high degree of familiarity with PKIX and TLS encodings and can switch gear between them. -- Website: http://hallambaker.com/
- [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Eran Messeri
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. David A. Cooper
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. Salz, Rich
- Re: [Trans] RFC6962 BIS Log file encodings. Erwann Abalea
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Erwann Abalea
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Salz, Rich
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Gervase Markham
- Re: [Trans] RFC6962 BIS Log file encodings. Gervase Markham
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Eran Messeri