On 16/07/15 16:31, Stephen Kent wrote:
Rob,

Thanks for the feedback and questions.

Thanks Steve.  Further comments inline.

Steve, though I disagree with the thing you want to use an extension
for, I completely agree that we need to define the top-level extension
syntax.  Your proposed text mostly looks good to me.  Just a few
nits/questions...

'The "CtExtensions" type is a vector of 0 or more extensions'
  - Isn't that clear from the "CtExtension CtExtensions<0..2^16-1>;"
definition?  Why restate it?

I find the syntax here a bit confusing, which is why I included that text.

OK.

'All of the extensions in the vector MUST appear in order of
increasing IDs.'
  - Why?  And what would a CT client do if it encountered a violation
of this proposed MUST?

I was looking for two things: a simple canonicalization to be applied at
this level, and a way to make it easier for an RP to compare a set of
extensions against a list it might have locally.

OK, as long as the client-behavior doc considers what a client will do if the extensions are in the wrong order.

'If an implementation sees an extension that it does not understand,
it SHOULD ignore that extension.'
  - Wouldn't it be better to include a "critical" flag that has the
same semantics as the "critical" flag for X.509v3 extensions?

I thought about adding a critical flag, à la X.509v3, but was worried
that it might seem overkill. I defer to the judgement of others here.

OK, on reflection, I think you're right. If there's ever a need to define an SCT "extension" that clients MUST understand and process, we can accommodate that by bumping the SCT version and changing the SCT structure. So there's no need for a per-extension critical flag.

Are you planning to submit a pull request on GitHub for your proposed
text?  Or shall I?

I'm a believer that details of IETF WG discussions belong on IETF WG
lists, so I have no plans to push this to GitHub

I don't follow.  We are having this discussion on an IETF WG list.

but thanks for the offer.

You're welcome. However, I'm not clear if you've declined or accepted my offer. Could you clarify?

--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
