Re: [Trans] Murray Kucherawy's Discuss on draft-ietf-trans-rfc6962-bis-36: (with DISCUSS)

Rob Stradling <rob@sectigo.com> Fri, 14 May 2021 18:27 UTC

From: Rob Stradling <rob@sectigo.com>
To: "Salz, Rich" <rsalz@akamai.com>, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, "Murray S. Kucherawy" <superuser@gmail.com>
CC: "draft-ietf-trans-rfc6962-bis@ietf.org" <draft-ietf-trans-rfc6962-bis@ietf.org>, Paul Wouters <paul@nohats.ca>, "trans@ietf.org" <trans@ietf.org>, The IESG <iesg@ietf.org>, "trans-chairs@ietf.org" <trans-chairs@ietf.org>
Date: Fri, 14 May 2021 18:27:03 +0000
Message-ID: <MW4PR17MB4729344A64625F16A3A832ABAA509@MW4PR17MB4729.namprd17.prod.outlook.com>
References: <162092843952.1774.17184633862596345877@ietfa.amsl.com> <18343E4C-99E4-4C3F-85CD-DAD133902118@akamai.com> <CAL0qLwaDuxFe48YqUE=225JcYBakKYcqi-NyDFQ0mhWD4WCYWw@mail.gmail.com> <AE74DBB9-6048-453F-ABB6-882AA5733046@akamai.com> <CAL0qLwZK52kkKouNaSUavNTmCiiUc_B3d3sqaShUgVr5HyUUFg@mail.gmail.com> <CAE5F6A6-F4B8-4BB4-899A-05CB5A02C8C0@akamai.com>, <68B3F1DE-C552-4817-90BB-2DE11EB6974C@akamai.com>
In-Reply-To: <68B3F1DE-C552-4817-90BB-2DE11EB6974C@akamai.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/BlpVEai1F-01xP4oWFhv4lMr7LE>
Subject: Re: [Trans] Murray Kucherawy's Discuss on draft-ietf-trans-rfc6962-bis-36: (with DISCUSS)

Although TRANS is set to wind down without really looking beyond 6962-bis, the original Charter also envisaged exploring "mechanisms and techniques that allow cryptographically verifiable logs to be deployed to improve the security of protocols other than HTTP over TLS, for example SMTP/TLS or software distribution", and this was a consideration when we planned the (sub-)registries that 6962-bis requests to be created.  Perhaps there will be renewed interest in exploring such things in the future, and if so, it's conceivable that folks will want to reuse mechanisms from 6962-bis and reuse the (sub-)registries.

So I would prefer to name the new, main registry "Public Notary Transparency" (the full name of this WG - see https://datatracker.ietf.org/wg/trans), and either (i) strip the "CT " prefix from the sub-registry names or (ii) change the prefix from "CT " to "Transparency ".

Does that make sense?

________________________________
From: Salz, Rich <rsalz@akamai.com>
Sent: 14 May 2021 18:33
To: Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org>; Murray S. Kucherawy <superuser@gmail.com>
Cc: draft-ietf-trans-rfc6962-bis@ietf.org <draft-ietf-trans-rfc6962-bis@ietf.org>; Paul Wouters <paul@nohats.ca>; trans@ietf.org <trans@ietf.org>; The IESG <iesg@ietf.org>; trans-chairs@ietf.org <trans-chairs@ietf.org>
Subject: Re: [Trans] Murray Kucherawy's Discuss on draft-ietf-trans-rfc6962-bis-36: (with DISCUSS)


  *   It looks like you're making six related registries in Sections 10.2.1 through 10.2.6.  Would it make sense to create a main registry called "Certificate Transparency Parameters" that contains these six sub-registries?



>> I was not familiar with that distinction until now.  Sure, I’ll do that.  Is there standard wording one should use?



I tried to follow RFC 8126.



https://github.com/google/certificate-transparency-rfcs/pull/334