Rob,
...
I was looking for two things: a simple canonicalization to be applied at
this level, and a way to make it easier for an RP to compare a set of
extensions against a list it might have locally.
OK, as long as the client-behavior doc considers what a client will do
if the extensions are in the wrong order.
good point.
'If an implementation sees an extension that it does not understand,
it SHOULD ignore that extension.'
- Wouldn't it be better to include a "critical" flag that has the
same semantics as the "critical" flag for X.509v3 extensions?
I thought about adding a critical flag, ala X,509v3, but was worried
that it might seem overkill. I defer to the judgement of others here.
OK, on reflection, I think you're right. If there's ever a need to
define an SCT "extension" that clients MUST understand and process, we
can accommodate that by bumping the SCT version and changing the SCT
structure. So there's no need for a per-extension critical flag.
agreed.
Are you planning to submit a pull request on GitHub for your proposed
text? Or shall I?
I'm a believe that details of IETF WG discussions belong on IETF WG
lists, so I have no plans to push this to GitHub
I don't follow. We are having this discussion on an IETF WG list.
You wanted to know if I planned to post the proposed syntax to GitHub.
My answer (perhaps not clearly stated) was no.
but thanks for the offer.
You're welcome. However, I'm not clear if you've declined or accepted
my offer. Could you clarify?
If you believe that there are folks who don't track this list and who
rely on GitHub to
track CT stuff, then feel free to post there.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
