Eran,
#118: Monitor function description problem
Changes ([email protected]):
* owner:[email protected] =>[email protected]
Comment:
Is the problem here that the term 'monitoring' means something different
in this context, making the introduction and Section 9.3. inconsistent?
I can suggest a few resolutions:
(1) Replacing the word 'monitor' in the introduction with 'watch'.
(2) Modify the Monitor section to indicate a monitor can either ensure
logs behave correctly, watch for certificates of interest or do both.
In most prior versions of 6962-bis, Auditing has focused on detecting
mis-behaving logs. Why not stick with that characterization of the
function?
Your suggestion #2 above seems to make Monitors overlap with Auditors,
rather than having simple, distinct definitions for them.
Let's say that a Monitor observes an enumerated set of logs for certs
of interest,
so that it can inform Subjects if there is evidence that a bogus cert has
been logged (relative to the Subject in question).
An Auditor observes an enumerated set of losg to detect log misbehavior.
These are roughly the ways that draft-kent-trans-monitor-auditor-00.txt
characterizes the two functions.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
