[Trans] OCSP and SCTs

Fabrice <fabrice.gautier@gmail.com> Sat, 30 August 2014 20:48 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/trans/sfbNsRXucwHTXgXBZbL_Q_SFkiM

Hi,

Regarding the transport of SCTs as part of OCSP responses, the RFCs only talk about it in the context of OCSP stapling. Can SCTs also be provided in non-stapled OCSP responses to TLS clients?

Also, should 6962-bis also reference RFC 6961 (multiple OCSP responses extension) in addition to RFC 6066?

Or should the language be generalized to just talk about SCTs in OCSP responses, no matter how those responses are provided to the TLS client?

Thanks 

-- Fabrice