Benjamin Kaduk <> wrote:
    > Apparently I only have one comment buried inline.  We must be making
    > progress :)

    >> > The audit log is a defense against this in that it allows for
    >> post-facto > discovery of misuse?  Or is there some pre-issuance
    >> authorization check > going on.  > I think I may need some section
    >> references to where the authorization > policy (options) are
    >> documented; I've lost a bit of state on this one.
    >> That's right, the audit log provides discovery of mis-use.  The check
    >> belongs prior to issurance of an LDevID, and may be repeated regularly
    >> afterwards.
    >> I think you are asking for a list of MASA authorization policy
    >> options.  We do not have such a menu of options, and I'm reluctant to
    >> write them down normatively at this point, as I think that there are
    >> combinations we do not yet understand.
    >> 5.5.3 points out that nonceless vouchers need more authorization.
    >> Other parts of 5.5 provide other options.  Please let me know if you
    >> think this is insufficient for a Proposed Standard.

    > I think I'd like to see a small addition after/near "[t]his
    > verification is only a consistency check that the unauthenticated
    > domain CA intended the voucher-request signer to be a registrar"
    > (perhaps at the end of the paragraph?) noting something like "since the
    > domain CA is unauthenticated to the MASA, depending on MASA policy,
    > vouchers not authorized by the pledge owner may be issued; the MASA
    > audit log can be used to detect such missisuance".

I've added:

            Even when a domain CA is authenticated to the MASA, and there is
            strong sales channel integration to understand who the legitimate
            owner is, the above cmcRC check prevents arbitrary End-Entity
            certificates (such as an LDevID certificate) from
            having vouchers issued against them.
            Other cases of inappropriate voucher issuance are detected
            by examination of the audit log.

]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]        |   ruby on rails    [

Attachment: signature.asc
Description: PGP signature

Anima mailing list

Reply via email to