Re: [Trans] Precertificate format

Stephen Kent <> Mon, 15 September 2014 19:02 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id ABACC1A00E4 for <>; Mon, 15 Sep 2014 12:02:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.853
X-Spam-Status: No, score=-5.853 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.652, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id oyx3Ztf7_KsJ for <>; Mon, 15 Sep 2014 12:02:37 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A46E51A6FB1 for <>; Mon, 15 Sep 2014 11:52:23 -0700 (PDT)
Received: from ([]:33097 helo=comsec.home) by with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <>) id 1XTbO9-000PNp-3y for; Mon, 15 Sep 2014 14:52:37 -0400
Message-ID: <>
Date: Mon, 15 Sep 2014 14:52:20 -0400
From: Stephen Kent <>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
References: <> <> <> <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Trans] Precertificate format
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 15 Sep 2014 19:02:39 -0000


> ...
> I think its pretty clear what the purpose of CT is - to make it
> possible to detect mis-issuance of certificates - i.e. that
> certificates conform to all the requirements for issuance. And its
> also clear that to do this, you need to be able to see the contents of
> the certificate. This is the threat model. Or, if you really want it
> phrased as a threat, the threat is that some CA might issue a
> certificate that does not conform to the requirements for issuance
> (which, btw, vary over time) and the mitigation is a public,
> append-only, verifiable log of the contents of all issued
> certificates.
> The I-D clearly states this already, I think, but if you don't like
> the text, perhaps you can propose something you'd like better?
Here's some suggested text that matches my model for a threat model 

> ...
>>> However, when you suggest that inclusion of some particular thing is
>>> problematic, then we can, of course, refer to potential problems CT
>>> might reveal and available remedies as an illustration of why that
>>> thing is needed.
>> I don't know what this last, rather long sentence means. Please elaborate.
> What I meant was that mentioning a problem in order to explain why
> some field is needed does not mean that we then have to enumerate all
> problems, find a problem that justifies every field, etc.
Thanks for the clarification. I disagree. If one lists every field
to be covered by an SCT, and notes why the field needs to be covered,
then the coverage is clearly justified. Saying that we'll cover every field
because there might be a need to do so, even though we can't articulate
it, can lead to unnecessary complexity. For example, right now TCPINC
WG is performing this exercise for the TCP header, to justify which fields
needs to be integrity-protected. I agree that an X.509 cert is a much
bigger, more complex data structure, but the principle is the same.