Re: [Trans] Certificate verification

Matt Palmer <mpalmer@hezmatt.org> Fri, 17 October 2014 23:44 UTC

Date: Sat, 18 Oct 2014 10:44:00 +1100
From: Matt Palmer <mpalmer@hezmatt.org>
To: trans@ietf.org
Message-ID: <20141017234400.GT9502@hezmatt.org>
References: <871tq6uaf1.fsf@nordberg.se>
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/A-Dj90yggtmW3jmlV6Y6UmUCNxc
Subject: Re: [Trans] Certificate verification

On Fri, Oct 17, 2014 at 02:51:14PM +0200, Linus Nordberg wrote:
> 6962bis-4 says that logs may log and publish invalid certificates as
> long as the chain ends in a known cert. It then lists three examples of
> what can be accepted, all related to time.

[...]

> Since the purpose of the log is to put light on bad certificates, would
> it make sense to instead have text 1) specifying a minimum of checks to
> be done (i.e. the chain) and 2) encouraging logging and publishing of
> all other certificates?

IMO, yes.  My opinion is that a log which rejects certificates for reasons
other than those required to maintain the operation of the log (i.e. spamming)
is worthless -- you're *not* getting a complete view of what a CA intended
to issue, you're getting some sort of filtered, sanitised view of it.

> On a minor note, I think that "trusted" in the very first sentence
> should be changed to "known". Should I use the issue tracker?

I've been advised that for small, non-controversial changes, submitting a
pull request direct to the github repo is fine.

- Matt