Re: [Trans] Draft agenda

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 24 February 2014 21:43 UTC

Message-ID: <530BBCE6.1070100@fifthhorseman.net>
Date: Mon, 24 Feb 2014 16:43:02 -0500
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: "trans@ietf.org" <trans@ietf.org>
References: <53063600.4020102@gmail.com> <878ut0usxw.fsf@alice.fifthhorseman.net> <CAMm+LwjANZrgKXxRD-f4POdn7vz9_f1W2Mj8xTGEFVO9-3Unng@mail.gmail.com> <530BB8E3.30303@gmail.com>
In-Reply-To: <530BB8E3.30303@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/uXSEKSCtgvDvwwa4HotWPNVnk9E
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>

On 02/24/2014 04:25 PM, Melinda Shore wrote:

> As for relevance, right now therightkey is the best place
> for discussion of other approaches to fixing PKI, while trans
> is specifically for discussion of certificate transparency.
> The only thing that's in our charter at the moment is 6962bis.
> That doesn't mean that other applications of CT are out-of-
> scope, but that we'd need to recharter to take them on
> as work items.

I think you're saying you want the slot in London to focus on getting
the mechanism right, and not trying to propose policy, which is
completely reasonable.  I'm happy to stay focused.

There's nothing in RFC 6962 (and i hope there won't be in 6962bis) that
is HTTPS-specific, though; it's defined as a mechanism for logging X.509
certificates for use in TLS, regardless of the application layer traffic
within the TLS session.

So i hope that the use of CT in SMTP+STARTTLS isn't seen as an "other
application" -- it's still TLS.  If we suspect that CT is somehow valid
only for X.509 certs used by HTTPS servers, we should make that more
explicit in the draft (but i hope we don't!)

Regards,

	--dkg