IETF Logo Mail Archive

Re: [Trans] overview of remaining(?) DISCUSS items for draft-ietf-trans-rfc6962-bis-33

Andrew Ayer <agwa@andrewayer.name> Tue, 24 September 2019 11:55 UTC

Return-Path: <agwa@andrewayer.name>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18EE71201E5 for <trans@ietfa.amsl.com>; Tue, 24 Sep 2019 04:55:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewayer.name
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id clPzfiiUx-pY for <trans@ietfa.amsl.com>; Tue, 24 Sep 2019 04:55:21 -0700 (PDT)
Received: from thomson.beanwood.com (thomson.beanwood.com [IPv6:2600:1f16:719:be00:5c48:f083:d884:d130]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 375EF120143 for <trans@ietf.org>; Tue, 24 Sep 2019 04:55:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=andrewayer.name; s=beanwood20160511; t=1569326120; bh=+lh2UQldcFrSKB4Y5S6cbIBE6+pW2vqMUZ/YdXHPAsQ=; h=Date:From:To:Cc:Subject:In-Reply-To:References; b=CeascupPoh6rmwujlg7GVso9ttQhn2C7V/25EkGk1VW1okWvGYfYxHeDlKtCDNyqF NxSwFDThFhgeQ+s4oKPACcrASs7B39PDZW+/Mg3Kpp6hqkDQNOAbAvF3WPNUfgsL/V i3GOaep4NX6+yBV4Mf1uQFE9Q3qVEGiUy4xJmt9lAq3tFAPRUWP6tkb2Ux7PZ8125E rmoTE8h3NUfWTdoC9YrbS8jPdQV20jy52VF1RlM7837gpalzw6R+vddHXLeSrI0TxJ z1fearwgE5LCBCltyAkeMewgcVsZaJbSHtHKK5hS4S0bTL6gAPyJgovtJ/uawcAhXb SQdpa540pTC3w==
Date: Tue, 24 Sep 2019 07:55:19 -0400
From: Andrew Ayer <agwa@andrewayer.name>
To: Paul Wouters <paul@nohats.ca>
Cc: Rob Stradling <rob@sectigo.com>, Trans <trans@ietf.org>, Alissa Cooper <alissa@cooperw.in>
Message-Id: <20190924075519.6a9daab1def6475bd26e5370@andrewayer.name>
In-Reply-To: <alpine.LRH.2.21.1909231733480.23118@bofh.nohats.ca>
References: <alpine.LRH.2.21.1909181506160.11898@bofh.nohats.ca> <b6ec6a38-a4c2-64b4-0584-d13deead2605@sectigo.com> <alpine.LRH.2.21.1909191211080.29314@bofh.nohats.ca> <4632c221-c207-72c4-83c3-ecc8dcbf2ba7@sectigo.com> <alpine.LRH.2.21.1909231733480.23118@bofh.nohats.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/QhbNCOmDcd0Aaly0CA6fT4iHrgk>
Subject: Re: [Trans] overview of remaining(?) DISCUSS items for draft-ietf-trans-rfc6962-bis-33
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Sep 2019 11:55:24 -0000

On Mon, 23 Sep 2019 17:35:52 -0400 (EDT)
Paul Wouters <paul@nohats.ca> wrote:

> On Mon, 23 Sep 2019, Rob Stradling wrote:
> 
> >> So this seems to contradict itself. You give a good reason why a
> >> base url might change, then suggest to say MUST NOT. And you
> >> cannot add a new entry with updated base url using the same OID I
> >> guess? So one would have to replay the existing log into a new
> >> one. If that becomes a common practise, how is this
> >> distinguishable from a log reply that removes an entry and urges
> >> everyone to (automatically or not) update to the new base url ?
> >
> > Hi Paul.  This was my thought process...
> >
> > A mechanism for a log to change its base url might be "nice to
> > have", but it would add complexity.  Adding complexity should be
> > avoided unless it's "really necessary".  "nice to have" is not
> > "really necessary", and besides, there is already a mechanism for
> > achieving the same goal: retire the current log and spin up a new
> > log.
> >
> > The ecosystem needs to be agile enough to support regular log
> > retirement and regular spinning up of new logs, so let's not
> > (over)engineer an alternative mechanism that assumes the ecosystem
> > lacks that agility.
> 
> While I agree with you, I am just a WG chair. So we need to hear a few
> more opinions of people and then if there is a consensus, we can go
> ahead and make this change.

I'm also not sure what "this change" would be, but I agree with the
other comments here that CT shouldn't provide a mechanism for logs to
change URL.

Regards,
Andrew

v2.23.0 | Report a Bug | By Email