Future implementers will read the 6962-bis RFC. How do we ensure that
these implementers are made aware that the 6962-bis Security
Considerations don't give the full picture (of how to build a secure CT
ecosystem)?
I suggest that the 6962-bis Security Considerations should reference the
threat analysis I-D.
On 08/06/15 19:57, Stephen Kent wrote:
yes, this is/will be covered in the threat analysis.
#55: Security Considerations: Describe the implications of clients
*not* doing
certain optional checks
Changes (by [email protected]):
* milestone: => review
Comment:
I presume this should become part of the threat analysis I-D.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
