Re: [Trans] [Public Notary Transparency Wiki] #179: Indicate certificate / precertificate in Entry and SCT

"trans issue tracker" <trac+trans@ietf.org> Wed, 03 May 2017 17:47 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/F9mAgmxKViSGDlzXg4v9P5UEDHE>

#179: Indicate certificate / precertificate in Entry and SCT
-------------------------+---------------------------------------------
 Reporter:  rlb@…        |       Owner:  draft-ietf-trans-rfc6962-bis@…
     Type:  defect       |      Status:  new
 Priority:  major        |   Milestone:
Component:  rfc6962-bis  |     Version:
 Severity:  -            |  Resolution:
 Keywords:               |
-------------------------+---------------------------------------------

Comment (by eranm@…):

 Corollary:
 - SCTs *are* defined as TransItems of type x509_sct_v2 or precert_sct_v2.
 - This is a non-trivial change to the data structures, which may require a
 stronger justification than the one we currently have (at least two
 structures I've identified, and signature scheme may change).
 - Other fields may have to move into the SignedCertificateTimestampDataV2
 to contain all the necessary information to be passed around without the
 TransItem (see previous point).
 - This would undo the work to unify several "type" indicators in 6962 into
 a single one in -bis.

 Overall I agree with the sentiment that some data structures in 6962-bis
 need to be renamed to clarify what role they play.

--
Ticket URL: <https://trac.ietf.org/trac/trans/ticket/179#comment:3>
Public Notary Transparency  Wiki <https://trac.ietf.org/trac/trans>