David,
I agree with your assessment that the later paragraphs of 3.4 deal with
revocation status attacks that are independent from the dual cert chain
attack that is the focus of that section. I should not have placed that
text in 3.4/
While one could add text about revocation status attacks
I reviewed the text of Section 3.4 in
draft-ietf-trans-threat-analysis-09.txt and, unfortunately, the
text in the section is still incorrect.
On 09/14/2016 12:25 PM, Stephen Kent wrote:
David,
Thanks for providing text and a diagram.