Rob,
Eran and I spent an hour this AM reviewing my detailed comments on the
-08 version.
He submitted several issue tracker entries in realtime.
By the end of our discussion we agreed that it might make sense to revise
the Monitor/Audit descriptions, because some parts of the document
use the terms inconsistently. My suggestion is that we use the term Monitor
to refer to an entity that tracks logs looking for certs that conflict with
reference info, i.e., name-public key sets. Monitors would perform checks
to ensure that the log entries have associated proofs and are covered by
an STH.
But, otherwise, Monitors would not try to detect log misbehavior.
Auditors would
focus on detecting log misbehavior.
Steve
#93: Monitor description: Inconsistency between intro and section 5.4
Comment (by [email protected]):
Eran, I presume you're talking about section 5.4 of 6962-bis. So is
"client-behavior" the right component for this ticket?
ISTM unnecessary to require _every_ monitor to "check for mis-issued
certificates". Surely monitors that only check STHs are useful?
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
