[Trans] overview of remaining(?) DISCUSS items for draft-ietf-trans-rfc6962-bis-33
Paul Wouters <paul@nohats.ca> Wed, 18 September 2019 19:07 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C55F6120128 for <trans@ietfa.amsl.com>; Wed, 18 Sep 2019 12:07:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4T2V7bbuAFv5 for <trans@ietfa.amsl.com>; Wed, 18 Sep 2019 12:07:12 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43FF71200E6 for <trans@ietf.org>; Wed, 18 Sep 2019 12:07:12 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 46YTxT0dw9zMBf for <trans@ietf.org>; Wed, 18 Sep 2019 21:07:09 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1568833629; bh=lQTOwve5ZeFCvAhzzCUWQVX12BUuZnbgV2T+/qUExeg=; h=Date:From:To:Subject; b=KhW9968UdC+tYA13F77KTYHIizhYji2qXVEw+CGK9m/w06TF8sdA8k+D8OQQKKFgV awvuFf/100fXVf3OSQVsqtGWzelABOjQ3bjnFvCPkgvn0inGVRN1E/SFmS2eUyWAFf yyDhvUQuzhqj+KccvmZ2YKZwRJXIP/qMwoacuQY4=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id fikKZ2Q9bz0N for <trans@ietf.org>; Wed, 18 Sep 2019 21:07:07 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for <trans@ietf.org>; Wed, 18 Sep 2019 21:07:06 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 6B0414B1A12; Wed, 18 Sep 2019 15:07:05 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 6B0414B1A12
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 578CD400083E for <trans@ietf.org>; Wed, 18 Sep 2019 15:07:05 -0400 (EDT)
Date: Wed, 18 Sep 2019 15:07:05 -0400
From: Paul Wouters <paul@nohats.ca>
To: Trans <trans@ietf.org>
Message-ID: <alpine.LRH.2.21.1909181506160.11898@bofh.nohats.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-15"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/9zGMHr_Fu1EefWbvthvqSANl3nA>
Subject: [Trans] overview of remaining(?) DISCUSS items for draft-ietf-trans-rfc6962-bis-33
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Sep 2019 19:07:15 -0000
On Wed, 18 Sep 2019, Rob Stradling wrote: > No comments received after a week, so I'm going to merge PR 312 now and > publish -33. Looking at the DISCUSS items, I see some minor items that seems to require some small edits. Can the authors answers these DISCUSS questions cited below and let us know if they will do another revision or whether they consider all DISCUSS items below resolved? Paul Alissa Cooper: = Section 10.3 = This section needs to state what the registry policy is for the code points not already registered (presumably Expert Review given 10.3.1, but it needs to be explicit). = Section 10.6.1 = FCFS registries by definition can require additional information to be provided in order to get something registered. For avoidance of confusion I think the assignment policy should be listed as First Come First Served and the requirement that parameters be included in the application can use a normative MUST in the last paragraph if there is concern that the parameters won't be supplied. However, I also wonder what will be done with the parameters that are supplied. Is IANA expected to just maintain them privately, or to publish them? What is expected to appear in the 'Log' column in the registry? And let me add my own question regarding 10.6.1. Should we expect these registry entries can change over time? If so, is it definied anywhere what consumers are supposed to do or how they are supposed to find out, that a log base url has changed? Shouldn't such a change be done using a new OID? Benjamin Kaduk: Sections 4.11 and 4.12 have arrays of NodeHash to carry consistency and inclusion proofs, respectively, with minimum array size of 1. However, Sections 2.1.4.1 and 2.1.3.1 (respectively) seem to admit the possibility of zero-length proofs in degenerate cases Mirja Kühlewind: There was a presentation at maprg IETF 103 about the question if CT helps attackers to find new domains. I think this risk should at least be mentioned in the security considerations section. To answer Mirja, the work to discuss these were going to appear in the threat model draft. Unfortunately, this document got stuck due to unworkable differences between the author and the WG. While I don't object to adding a sentence covering your DISCUSS, I do not believe the WG should try to cherry-pick content of the threat document at this stage. So I think we should limit the Security Considerations to the specific bis document specification, and not include issues that cover the whole the CT ecosystem. Alexey Melnikov: I think you need to register [log client message type URN] in <https://www.iana.org/assignments/params/params.xhtml#params-1> Also, can you clarify whether error need an IANA registry?
- [Trans] overview of remaining(?) DISCUSS items fo… Paul Wouters
- Re: [Trans] overview of remaining(?) DISCUSS item… Rob Stradling
- Re: [Trans] overview of remaining(?) DISCUSS item… Paul Wouters
- Re: [Trans] overview of remaining(?) DISCUSS item… Rob Stradling
- Re: [Trans] overview of remaining(?) DISCUSS item… Paul Wouters
- Re: [Trans] overview of remaining(?) DISCUSS item… Ryan Sleevi
- Re: [Trans] overview of remaining(?) DISCUSS item… Rob Stradling
- Re: [Trans] overview of remaining(?) DISCUSS item… Andrew Ayer
- Re: [Trans] overview of remaining(?) DISCUSS item… Paul Wouters
- Re: [Trans] overview of remaining(?) DISCUSS item… Rob Stradling
- Re: [Trans] overview of remaining(?) DISCUSS item… Eran Messeri
- Re: [Trans] overview of remaining(?) DISCUSS item… Alissa Cooper
- Re: [Trans] overview of remaining(?) DISCUSS item… Rob Stradling
- Re: [Trans] overview of remaining(?) DISCUSS item… Rob Stradling
- Re: [Trans] overview of remaining(?) DISCUSS item… Paul Wouters