Re: [Trans] Bad Technical Decision: Closing out the SCT encoding discussion
Nico Williams <nico@cryptonector.com> Sat, 14 March 2015 00:02 UTC
Date: Fri, 13 Mar 2015 19:02:11 -0500
From: Nico Williams <nico@cryptonector.com>
To: Russ Housley <housley@vigilsec.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/9aDy__-htdQm8tYdSUDMT4RcUiU>
Cc: Paul Wouters <paul@nohats.ca>, trans@ietf.org, Melinda Shore <melinda.shore@gmail.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
On Fri, Mar 13, 2015 at 02:58:32PM -0400, Russ Housley wrote:
> I strongly disagree with this technical decision. The content of
> certificate extensions should be OCTET STRING wrapped ASN.1
> structures, and I pointed out the text in RFC 2459 (that remains in
> RFC 5280) during this discussion. I am quite concerned with (4)
> listed below. I hope you will revisit this decision.

Indeed. The fact that Certificate includes TBSCertificate without
wrapping it in an OCTET STRING has caused problems before. Typed holes
should always include an OCTET STRING wrapper in ASN.1-based protocols.

Nico
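
The wrapper argument in the message above, as an added example (not code from the original message or from the working group): a minimal DER reader that splits an RFC 5280 `Extension` without knowing the extension's inner syntax, because the OCTET STRING length delimits the typed hole. The helper names and the inner sample bytes are constructed for illustration; the OID is the RFC 6962 SCT list extension.

```python
# Added example, not from the original message. Sample bytes are constructed.
SCT_LIST_OID = bytes.fromhex("2b06010401d679020402")  # 1.3.6.1.4.1.11129.2.4.2
INNER = b"\x00\x05hello"  # constructed placeholder; deliberately not valid DER

def read_tlv(buf, off=0):
    """Return (tag, value, next_offset) for the definite-length DER TLV at off."""
    if off + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[off], buf[off + 1]
    off += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4 or off + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[off:off + n], "big")
        if length < 0x80 or buf[off] == 0:
            raise ValueError("non-minimal DER length")
        off += n
    if off + length > len(buf):
        raise ValueError("value overruns buffer")
    return tag, buf[off:off + length], off + length

def tlv(tag, value):
    """Encode one DER TLV with a minimal definite length."""
    n = len(value)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + head + value

def split_extension(ext_der):
    """Split an RFC 5280 Extension into (extnID bytes, critical, extnValue bytes).
    The extnValue content is returned byte-exact and never interpreted."""
    tag, body, end = read_tlv(ext_der)
    if tag != 0x30 or end != len(ext_der):
        raise ValueError("expected exactly one SEQUENCE")
    tag, oid, off = read_tlv(body)
    if tag != 0x06:
        raise ValueError("extnID must be an OBJECT IDENTIFIER")
    tag, val, off = read_tlv(body, off)
    critical = False
    if tag == 0x01:  # optional BOOLEAN, DEFAULT FALSE
        critical = val == b"\xff"
        tag, val, off = read_tlv(body, off)
    if tag != 0x04 or off != len(body):
        raise ValueError("extnValue must be the final OCTET STRING")
    return oid, critical, val
```

With the wrapper, `split_extension` hands back inner bytes that are not DER at all; when the same bytes are placed in the SEQUENCE without the OCTET STRING, the generic reader has no reliable boundary and rejects the structure.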