Re: [wpkops] Preliminary Next Version of Browser Behavior Draft

["Ben Wilson" <ben@digicert.com>]

Thanks, Rick.  

I can add more about the dynamic nature of some root stores to Section 2.1.

In 2.2, I wasn't sure what to say because I didn't think I should speak for
Mozilla, even though it's been explained to me that those responsible for
NSS/Firefox prefer a click through failure because it may tend to alert the
server administrator that there is a problem and they need to install a
chain properly.  In order to say that, I think someone needs to point me to
an official statement of that rationale so that I can reference it
officially.

In 3.1 and beyond, I'll make those replacements of "should" like I did above
in Section 2.   

In Section 3.4, I can tone down the security concerns a bit, but the problem
is that the statements are true in a generic sense.  Basically, I am trying
to take advice from the last telephone call we had and hit the security
concerns, e.g., "why do we care?" or, in other words, what is significant
about each particular category of behavior, and why did PKIX frame the
security design as such?  Are you saying that because I do not reveal a
specific zero-day threat that I've observed, I'm therefore precluded from
mentioning how that latent vulnerability might be exploited?  I can make it
more clear that we're addressing the generic issues and not the specifics,
if that helps.

Thanks again for your review and comments-they do help - significantly.

Cheers,

Ben

 

From: wpkops [mailto:wpkops-bounces@ietf.org] On Behalf Of Rick Andrews
Sent: Tuesday, June 10, 2014 6:04 PM
To: ben@digicert.com; wpkops@ietf.org
Subject: Re: [wpkops] Preliminary Next Version of Browser Behavior Draft

 

Ben,

 

I reviewed what I think is the latest draft at
https://tools.ietf.org/html/draft-wilson-wpkops-browser-processing-01, not
the Word doc attached to the previous message.

 

Section 2.1: Is it worth pointing out that root stores are not fixed? Not
only can they be extended via automatic download (as you pointed out), but
enterprises can add and remove roots (as often happens in Windows
environments) and browser users can manually add or remove roots or modify
trust bits. Document readers may not be aware of those other possibilities.

 

Section 2.2: It might be helpful to readers to explain here why Firefox does
not do "AIA chasing". In other words, they don't see it as a missing
feature; they choose to fail on incomplete chains, and a case can be made as
to why this behavior is preferable to the behavior of other browsers. Or do
we just want to point out differences among browsers without trying to
explain why those differences exist (where we understand why)?

 

Section 3.1 The introduction says "This document reviews the current
processing behaviors...", but this Section is full of "should"s. I suggest
it needs to be rewritten to factually describe current behavior.

 

Section 3.4 seems speculative and not descriptive of current browser
behavior.

 

Section 3.5 Header is not in bold.

 

Section 4.3 Shouldn't say "browsers should" ;^)

 

-Rick

 

From: wpkops [mailto:wpkops-bounces@ietf.org] On Behalf Of Ben Wilson
Sent: Tuesday, May 27, 2014 2:13 PM
To: wpkops@ietf.org
Subject: Re: [wpkops] Preliminary Next Version of Browser Behavior Draft

 

Here is another draft with suggested changes from Santosh accepted, and the
addition of "Security Considerations" subsections, based on our discussions
of May 13th. 

 

 

From: wpkops [mailto:wpkops-bounces@ietf.org] On Behalf Of Ben Wilson
Sent: Tuesday, May 13, 2014 9:44 AM
To: wpkops@ietf.org
Subject: [wpkops] Preliminary Next Version of Browser Behavior Draft

 

Here is a first pass through the browser behavior document that I sent to
Robin and Santosh yesterday.