Re: [Trans] 6962bis and signed_certificate_timestamp issue

Rob Stradling <rob@sectigo.com> Fri, 22 February 2019 15:34 UTC

From: Rob Stradling <rob@sectigo.com>
To: Paul Wouters <paul@nohats.ca>, Trans <trans@ietf.org>
Date: Fri, 22 Feb 2019 15:34:40 +0000
Message-ID: <95dbc6ef-1817-b1cc-1e7b-54c4e0052a2d@sectigo.com>
References: <alpine.LRH.2.21.1902221022470.12674@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1902221022470.12674@bofh.nohats.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/Rx6EbBNSQeTiS9w8rHwNqm24tGA>

Hi Paul.  That issue is from an offline discussion between the A-Ds, the 
TRANS WG Chairs, and the 6962-bis authors.  Ben K answered those 
questions (on 3rd Nov 2018) as follows:


"> Do we even need to mark 6962-bis as Updating RFC8446?

Creating a new TLS extension does not require updating the core TLS spec.
But the suggested text about "new requirements for [...] TLS
implementations" is not good; better to talk about defining an extension
that is used for [stuff].

 > (Can an Experimental RFC update a Standards Track RFC?)

No."


I addressed this in PR#302 [1] by adding [2] the following text to the 
Abstract:

"It also specifies a new TLS extension that is used to send various CT 
log artifacts."


[1] https://github.com/google/certificate-transparency-rfcs/pull/302

[2] https://github.com/google/certificate-transparency-rfcs/commit/e18322235c409bf7150eb0b86384fbddaecc9660

On 22/02/2019 15:24, Paul Wouters wrote:
> 
> This issue is still open:
> 
>      TLS 1.3 (https://tools.ietf.org/html/rfc8446) has several mentions of
>      the RFC6962 signed_certificate_timestamp TLS extension.  Since 6962-bis
>      intends to obsolete RFC6962 and replace signed_certificate_timestamp
>      with a new TLS extension (transparency_info), should we also add a
>      sentence to the 6962-bis Abstract along these lines...
>         "This document also specifies new requirements for TLS 1.0, 1.1, 1.2
>          and 1.3 implementations."
>      ?
> 
>      Do we even need to mark 6962-bis as Updating RFC8446?
> 
>      (Can an Experimental RFC update a Standards Track RFC?)

-- 
Rob Stradling
Senior Research & Development Scientist
Email: rob@sectigo.com
Bradford, UK
Office: +441274024707
Sectigo Limited
