#128: section 5 over-claims the properties of an STH From https://tools.ietf.org/html/draft-ietf-trans- rfc6962-bis-10#section-5: Periodically, the log MUST append all its new entries to its Merkle Tree and sign the root of the tree. This provides auditable evidence that the log kept all its promises.
I think the second sentence here over-claims the security properties provided by the STHs. Publication of an STH enables a set of checks that may enable others to detect log misbehavior, but [https://tools.ietf.org/html/draft-ietf-trans-gossip-01 the gossip draft] shows that such detection requires a lot of mechanisms beyond just STH generation. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-trans- [email protected] | [email protected] Type: defect | Status: new Priority: major | Milestone: Component: rfc6962-bis | Version: Severity: - | Keywords: -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/trans/trac/ticket/128> trans <http://tools.ietf.org/trans/> _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
