Re: [Trans] Murray Kucherawy's Discuss on draft-ietf-trans-rfc6962-bis-36: (with DISCUSS)

Paul Wouters <paul.wouters@aiven.io> Fri, 14 May 2021 15:38 UTC

Date: Fri, 14 May 2021 11:38:09 -0400
From: Paul Wouters <paul.wouters@aiven.io>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
cc: "David A. Cooper" <david.cooper=40nist.gov@dmarc.ietf.org>, "trans@ietf.org" <trans@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/Q6_8SM6fZqcwUA9aYuzuTRw9VUI>

On Fri, 14 May 2021, Salz, Rich wrote:

>  *  I suppose an algorithm could be added to the TLS SignatureScheme registry even if it did have one, two, or three hundred KB
>     public keys and so was unlikely to ever be used for TLS. However, I just wanted to raise a potential issue with limiting
>     Certificate Transparency to only using signature schemes approved for use with TLS.
> 
> This is a reasonable point to consider, but as the WG has been in “get this draft published and then close” for a few years now,
> it’s probably too late.

Yes, I don't see this issue as one that would prevent this document from
working. So we are not going to take this up now.

So once this issue comes up in the future, or becomes plausible for
needing a solution, it can be worked on in a new WG.

Paul