Melinda,
I have complained for a long time (see my messages in June of 2014) that
6962-bis
failed to define mis-issuance. Thus you ought not surprised that I have
raised this
issue yet again, since 6962-bis has never been revised to address this
serious omission.
If 6962-bis is not going to have to wait for the threat model to be
published, then, yes, a cite of that doc won't work. However, using
the definitions of mis-issuance from that doc, will work. Failing to
define mis-issuance in 6962-bis makes it seriously deficient and
provides a basis for it not being approved by the IESG, IMHO.
Steve
I was quite surprised to see this come through given that
we've said repeatedly that the threat document isn't going
to block the -bis document moving forward. A better
approach might be to propose text for the -bis draft.
Melinda
-------- Forwarded Message --------
Subject: [Trans] [trans] #116 (rfc6962-bis): ned definition for mis-issuance
Resent-Date: Fri, 13 Nov 2015 10:40:37 -0800 (PST)
Resent-From:[email protected]
Resent-To:[email protected]
Date: Fri, 13 Nov 2015 18:40:36 -0000
From: trans issue tracker<[email protected]>
To:[email protected],[email protected]
CC:[email protected]
#116: ned definition for mis-issuance
the document does not include a definition for misissuance [sic], even
though this is the central motivation of CT. The doc should use the
definition from the threat/attacks model, cite that document, and change
the spelling to “mis-issuance” “mis-issue”, “mis-issued”, etc.)
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
