Hi Alissa,
Thank you for the feedback.
> "It is also RECOMMENDED that the Implicit Trust Anchor database used
> for EST server authentication is carefully managed to reduce the
> chance of a third-party CA with poor certification practices
> jeopardizing authentication."
>
> This strikes me as a slightly odd use of normative language (what are the
> exception cases when the trust anchor database should not be carefully
> managed?).
>
The blurb is directly from RFC7030. We reiterate it here to point it out as a
best practice and then we present a potential deviation from it for constrained
environments.
To avoid this confusion, we can rephrase it as:
As discussed in Section 6 of [RFC7030], it is
"RECOMMENDED that the Implicit Trust Anchor database used
for EST server authentication is carefully managed to reduce the
chance of a third-party CA with poor certification practices
jeopardizing authentication. Disabling the Implicit Trust Anchor
database after successfully receiving the Distribution of CA
certificates response (Section 4.1.3 of [RFC7030]) limits any risk to
the first DTLS exchange." [...]
Rgs,
Panos
-----Original Message-----
From: Ace <[email protected]> On Behalf Of Alissa Cooper via Datatracker
Sent: Tuesday, December 17, 2019 2:35 PM
To: The IESG <[email protected]>
Cc: [email protected]; [email protected];
[email protected]; [email protected]
Subject: [Ace] Alissa Cooper's No Objection on draft-ietf-ace-coap-est-17:
(with COMMENT)
Alissa Cooper has entered the following ballot position for
draft-ietf-ace-coap-est-17: No Objection
When responding, please keep the subject line intact and reply to all email
addresses included in the To and CC lines. (Feel free to cut this introductory
paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
Section 10.1:
"It is also RECOMMENDED that the Implicit Trust Anchor database used
for EST server authentication is carefully managed to reduce the
chance of a third-party CA with poor certification practices
jeopardizing authentication."
This strikes me as a slightly odd use of normative language (what are the
exception cases when the trust anchor database should not be carefully
managed?).
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace