I see your point. 6269-bis is mostly a document specifying the
operation and interface to the log. Other parts of the document attempt to
describe how clients interact with the log, but they do so only
superficially.
That's why I believe we need an additional document specifying the
behavior of the other elements of the CT system.
You refer to "the protocol" but don't indicate which protocol you have
in mind.
I might agree that specs for TLS client behavior in the context of TLS
exchanges are in scope. If so, 6269-bis needs to state that it updates
TLS.
Your interpretation of the WG's agreement to expunge client behavior
from 6269-bis seems to encompass only the issue of whether a client
rejects or accepts a cert accompanied by a (valid) SCT. That strikes me
as rather narrow.
If a client that claims CT compliance MUST perform a series of checks to
verify CT compliance of a cert, what does the client do if any of these
tests fail? It's not useful to require a set of checks to be performed
and yet not indicate what happens if they fail. If no action is
required, then why bother performing the checks? If some action is
required, or even recommended, then a spec needs to state what that
behavior is.
Steve
#77: normative client behavior specified in Section 5
Changes ([email protected]):
* milestone: => review
Comment:
What has been ruled out of scope is what action clients take, not how they
conform to the protocol.
Suggest close wontfix.