#145: Section 9.2 (TLS clients) needs more guidance for browsers
Comment (by [email protected]):

Steve Kent replied on the list, attempting to summarize his response:

- It should be possible to do a black-box analysis of a TLS client to determine if it's CT compliant. So prescribing requirements that can't be verified is a bad idea.
- He does not agree with the suggestion that the TLS client discussion should be considered generic (i.e. not specific to browsers).
- He claims that "now there's a new, different reason for sort-of specifying client behavior without really specifying it?". (I don't fully understand why this argument is made).

Based on his reply I will push the change mentioned in comment #2 for review, which will address the first issue. As for the other issues, they are broader and I will leave them for discussion on the mailing list.

My opinion is that any browser-specific guidance provided in this RFC should be non-normative, since there are real-world scenarios where 6962-bis could be applied to non-browser TLS clients. But I really don't see the point of suggesting any behaviour to browsers - they're perfectly capable of figuring out themselves what to do once CT compliance/non-compliance has been established.

--
-------------------------+-------------------------------------------------
 Reporter:               |       Owner:  draft-ietf-trans-
  [email protected]       |  [email protected]
     Type:  defect       |      Status:  new
 Priority:  major        |   Milestone:
Component:  rfc6962-bis  |     Version:
 Severity:  -            |  Resolution:
 Keywords:               |
-------------------------+-------------------------------------------------

Ticket URL: <https://trac.tools.ietf.org/wg/trans/trac/ticket/145#comment:3>
