Irrespective of whether auditing is a function or a stand alone entity,
there
is a need for a complete description of how it works. The authors seem
to have
a different view from a proposal presented by DKG at the last meeting,
in terms
of the communication paths involved in auditing. That proposal
emphasized privacy
for TLS clients, and thus it merits further discussion. So, at this
time, it seems
premature to declare the design of auditing done. I suggest 6269-bis
limit its
discussion of auditing to noting which log interfaces are used to
support the function,
and assume that a separate doc will specify how auditing is performed.
Steve
#65: remove section 5.4 and reference to "Auditor" in section 3
Changes (by [email protected]):
* milestone: => review
Comment:
The editors never believed that audit would necessarily be performed by a
standalone entity, that doesn't seem relevant.
In any case, this has been clarified by talking about "auditing" rather
than "auditor".
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
