Please specify what data description and interchange formats are being used. E.g., sections 4.1 and 4.2 are presumably using TLS syntax, and section 5.1 should specify that both input and output are JSON structures.
In section 5.1, in the description of the 'extensions' field, we see that "Logs should set this to the empty string. Clients should decode the base64-encoded data and include it in the SCT". Should these be RFC 2119 "SHOULD"s? Also, what "the base64-encoded data" is could probably be more clear, i.e., saying something about if the server sets extensions to something other than the empty string, it MUST be base64-encoded data, and if the client receives something which is non-empty, then it does the decoding and includes it in the CtExtensions portion of the SignedCertificateTimestamp. (Hmm, I don't see it explicitly mentioned that that's what SCT means, either.) -Ben _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
