IETF Logo Mail Archive

[Trans] Adam Roach's Discuss on draft-ietf-trans-rfc6962-bis-31: (with DISCUSS and COMMENT)

Adam Roach via Datatracker <noreply@ietf.org> Wed, 13 March 2019 06:36 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: trans@ietf.org
Delivered-To: trans@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A299130EA0; Tue, 12 Mar 2019 23:36:41 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Adam Roach via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-trans-rfc6962-bis@ietf.org, Paul Wouters <paul@nohats.ca>, trans-chairs@ietf.org, paul@nohats.ca, trans@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.93.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <155245900142.5466.15600148045977298644.idtracker@ietfa.amsl.com>
Date: Tue, 12 Mar 2019 23:36:41 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/chxqyRh4aa3JfXRdcvOWdNeRq6c>
Subject: [Trans] Adam Roach's Discuss on draft-ietf-trans-rfc6962-bis-31: (with DISCUSS and COMMENT)
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2019 06:36:43 -0000

Adam Roach has entered the following ballot position for
draft-ietf-trans-rfc6962-bis-31: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-trans-rfc6962-bis/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Thanks to everyone who worked on updating this protocol to reflect experience
gathered from the initial CT protocol. I have one blocking comment, and a small
number of editorial suggestions.

---------------------------------------------------------------------------

§5:

>  Clients are configured with a base URL for a log and construct URLs
>  for requests by appending suffixes to this base URL.  This structure
>  places some degree of restriction on how log operators can deploy
>  these services, as noted in [RFC7320].  However, operational
>  experience with version 1 of this protocol has not indicated that
>  these restrictions are a problem in practice.

The synthesis of URLs by a protocol in this fashion is prohibited by BCP 190:

   Scheme definitions define the presence, format, and semantics of a
   path component in URIs; all other specifications MUST NOT constrain,
   or define the structure or the semantics for any path component.

Unless the intention of this document is to update BCP 190 to change this
normative requirement, we can't publish it in its current form. Note that doing
so would require a change of venue, as updates to BCP 190 would not be covered
by the current TRANS charter.

Please see BCP 190 section 3 for alternate approaches. All three approaches
could be made to work for CT, and I would be happy to explain how to do so if
clarification is desired.


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

§1.1:

>  The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
>  "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
>  document are to be interpreted as described in [RFC2119].

Consider using the boilerplate from RFC 8174.

---------------------------------------------------------------------------

§1.3:

>  This document revises and obsoletes the experimental CT 1.0 [RFC6962]
>  protocol, drawing on insights gained from CT 1.0 deployments and on
>  feedback from the community.

Given that *this* document is also experimental, it seems a bit odd to call out
RFC 6962 as experimental.

---------------------------------------------------------------------------

§2.1.1:

>  We have established a registry of acceptable hash algorithms (see

The use of first person here is awkward. Consider: "This document
establishes..."

---------------------------------------------------------------------------

§10.2:

>  | 0x01 - | Unassigned |                        | Specification      |
>  | 0xDF   |            |                        | Required and       |
>  |        |            |                        | Expert Review      |

The policy being cited here is confusing. It is unclear whether the intention is
that values can be registered under both §4.5 and §4.6 of RFC 8126. I suspect
the intention here is the policy specified in RFC 8126 §4.6 only, without
reference to the policy in §4.5. If so, please use the formal name
"Specification Required."

---------------------------------------------------------------------------

§10.4:

>  | 0x0008 -    | Unassigned           | Specification Required and   |
>  | 0xDFFF      |                      | Expert Review                |

Same comment as above.

---------------------------------------------------------------------------

§10.5:

>  | 0x0000 -      | Unassigned | n/a | Specification Required and     |
>  | 0xDFFF        |            |     | Expert Review                  |

Same comment as above.

v2.23.0 | Report a Bug | By Email