On 29/09/15 21:50, Stephen Kent wrote:
<snip>
>> Ripping out the TLS client/server comms from 6962-bis in the hope that
>> somebody will specify this in some future doc doesn't seem like a good
>> idea to me.
>
> it's being done in the arch doc now.

Steve,

Unless or until the chairs say otherwise, it's still being done in
6962-bis too!

http://trac.tools.ietf.org/wg/trans/charters
"Work items:
 - Publish an update to RFC 6962 as a standards-track mechanism to apply
   verifiable logs to HTTP over TLS."

6962-bis is the "update to RFC 6962", right?

So "apply verifiable logs to HTTP over TLS" makes the TLS client/server
comms in scope for 6962-bis, right?

Maybe your arch doc will be adopted. Maybe the scope of 6962-bis will
be changed. But neither of these things has happened _yet_, and at this
point it seems premature to assume that they will definitely both happen.

> If the WG decides that we should have separate specs for each element
> (which I support) then we can extract text from the arch doc and put
> it into those separate specs, making the arch doc shorter and more
> consistently high level.
>>
>>>>> It is relevant to CAs, but I believe that CA requirements, other than
>>>>> how to interact with the log, should not be part of 6962-bis.
>>>> Are there any specific "CA requirements" currently in 6962-bis that you
>>>> think should be removed from 6962-bis? I can't find any that would
>>>> fall outside of "how to interact with the log".
>>> right now, no.
> I did think of a few examples from your discussion of redacted certs.
> Text in 3.2.2 tells a CA how to create a name-redacted pre-cert. This
> seems irrelevant to log processing of pre-certs, since it doesn't
> appear to be a constraint enforced by a log. Text in 3.2.3 seems to be
> a set of directions to a CA, and maybe checks to be performed by a TLS
> client, but not constraints checked by a log. These are examples of
> text that was included in 6962-bis because it needed to be somewhere,
> but it does not fit the notion of log/client interface description.
>
> Steve

--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
