David,
I agree with your assessment that the later paragraphs of 3.4 deal with
revocation status attacks that are independent from the dual cert chain
attack that is the focus of that section. I should not have placed that
text in 3.4/
While one could add text about revocation status attacks
I reviewed the text of Section 3.4 in
draft-ietf-trans-threat-analysis-09.txt and, unfortunately, the
text in the section is still incorrect.
On 09/14/2016 12:25 PM, Stephen Kent wrote:
David,
Thanks for providing text and a diagram.
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Public Notary Transparency of the IETF.
Title : Attack and Threat Model for Certificate Transparency
Author : Stephen Kent
Filename: