Eran,
There may be a misunderstanding here: in 6962-bis the Auditor entity
was replaced with an auditing role, that different entities (a Monitor
being one) can take.
I recall when you and your co-authors unilaterally decided that there
would be no Auditor
as a separate CT element. Both DKG and I complained about that decision,
to no avail.
However, let's compromise and consider both Monitors and Auditors to be
functions or roles.
so that readers do not assume that these roles must be implemented by
separate systems. OK?
I object to the current wording in the Monitor description because it
mandates that a Monitor
perform auditing, and does not mandate that it perform what I see as the
the basic Monitor role.
As currently described, there is no mandated role in CT that observes
logs looking for possibly
bogus certs on behalf of Subjects. This strikes me as a serious omission.
Section 9.4. of draft 12 explains how monitors can audit and how TLS
clients can, while section 9.3., about Monitors, describes the process
a Monitor should use to audit.
Rob Stradling reviewed my Monitor doc a few month ago and agreed with
the description,
noting that his implementation of a Monitor also did not perform
auditing. (It just
observes logs to detect certs of "interest." I mentioned this on the
TRANS list as part
of why I believe that it is inappropriate to mandate any Auditor
functions as
part of the Monitor role. again, this feedback seems to have been ignored.
I believe that change was partly made thanks to your feedback that the
Monitor and Auditor entities have some overlap and the distinction
wasn't quite clear.
The distinction was not clear, but this revised set of definitions is
worse, i.e.,
it does not require a Monitor to watch for potentially bogus certs.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
