As promised, here is some proposed text for the required additional
syntax for SCT extensions.

Add to Section 3.3:

    uint16 CtExtensionId;
    opaque CtExtensionValue<0..2^16-1>;

    struct {
        CtExtensionId id;
        CtExtensionValue value;
    } CtExtension;

    CtExtension CtExtensions<0..2^16-1>;

The "id" field identifies a single extension from the IANA registry
in Section 7.3. The interpretation of the "value" field is determined
solely by the value of the id field, and each document that registers a
new extension ID must describe how to interpret the corresponding
extension value.

The "CtExtensions" type is a vector of 0 or more extensions.
This vector MUST NOT include more than one extension with the same ID.
All of the extensions in the vector MUST appear in order of increasing IDs.

Change the last paragraph of Section 3.3 to:

"extensions" are future extensions to SignedCertificateTimestamp v2.
Currently, no extensions are specified. If an implementation sees an
extension that it does not understand, it SHOULD ignore that extension.
Furthermore, an implementation MAY choose to ignore any extension(s)
that it does understand.

Add a new Section, "7.3. CT Extension IDs":

IANA is asked to establish a registry of CT extension IDs, initially
consisting of:

+-------+-----------+
|  ID   | Extension |
+-------+-----------+
| 65535 | reserved  |
+-------+-----------+

TBD: policy for adding to the registry
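
The following is an added example, not part of the original message or of any CT implementation: a parser for the proposed CtExtensions vector that rejects duplicate or out-of-order IDs and skips extensions it does not understand. It assumes the caller passes exactly the serialized vector (2-byte length prefix included); the function names and the sample IDs 1 and 2 are made up for illustration.

```python
import struct

class CtExtensionError(ValueError):
    """Raised when a CtExtensions vector violates the proposed encoding rules."""

def parse_ct_extensions(data: bytes) -> list[tuple[int, bytes]]:
    """Parse a serialized CtExtensions vector into (id, value) pairs.

    Layout per the TLS presentation language: a uint16 byte length, then
    zero or more CtExtension structs (uint16 id, uint16 value length, value).
    """
    if len(data) < 2:
        raise CtExtensionError("missing CtExtensions length prefix")
    (total,) = struct.unpack_from("!H", data, 0)
    if total != len(data) - 2:
        raise CtExtensionError("length prefix does not match the data supplied")
    extensions = []
    offset, last_id = 2, -1
    while offset < len(data):
        if len(data) - offset < 4:
            raise CtExtensionError("truncated CtExtension header")
        ext_id, value_len = struct.unpack_from("!HH", data, offset)
        offset += 4
        if len(data) - offset < value_len:
            raise CtExtensionError("CtExtensionValue overruns the vector")
        # Strictly increasing IDs enforce both MUSTs: no duplicates, sorted order.
        if ext_id <= last_id:
            raise CtExtensionError(f"extension {ext_id} is duplicated or out of order")
        extensions.append((ext_id, data[offset:offset + value_len]))
        offset += value_len
        last_id = ext_id
    return extensions

def encode_ct_extensions(extensions: dict[int, bytes]) -> bytes:
    """Serialize extensions in increasing ID order (dict keys are unique)."""
    body = b"".join(struct.pack("!HH", i, len(v)) + v
                    for i, v in sorted(extensions.items()))
    return struct.pack("!H", len(body)) + body

def select_understood(extensions, handlers):
    """Keep only extensions with a known handler; unknown IDs are ignored (SHOULD)."""
    return [(i, v) for i, v in extensions if i in handlers]

# Constructed sample: IDs 1 and 2 are made-up, not registered values.
SAMPLE = encode_ct_extensions({2: b"\x01\x02", 1: b"abc"})
```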