Rich,
Sorry for the late comment, but I just returned from vacation after IETF.
Please send/post corrections.
...
Steve Kent, attack model
Name changed on doc, even if filename can't easily be changed. Not a threat
model, we don't know what the attackers are thinking, but we do know possible
actions so it's an attack model.
Includes an intro to CT, he prefers it move into an arch document but if not it
will stay.
"CT is a set of mechanisms, designed to detect, deter, and facilitate remediation of
certificate mis-issuance"
Semantic mis-issuance: name in the cert refers to an entity incorrectly.
Syntactic mis-issuance: violation of certificate profile(s) that apply.
Reviewed a taxonomy of attacks. Read the doc. Discussion of additions and
bigger picture needs.
Incorporated all (but one) comments.
Wants WG agreement via list on goals, definitions, attacks.
We have a half-dozen people commit to read and review the document.
Ben agrees about having an arch doc; Steve and Ben will collaborate on an arch
doc
I recall saying that I would be happy to author such a doc, starting by
extracting some text from the attack model. I recall that Ben agreed that
having an arch doc was a good idea, but I do not recall that we agreed
to co-author
the doc.
BTW, I expected to see a message from our chairs raising this issue on the
list, to see if there was general support for this new doc. I'm still
catching up
on e-mail, but did not see such a message.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
