On 05/05/16 14:04, Ben Laurie wrote:
On 4 May 2016 at 23:12, Daniel Kahn Gillmor wrote:
<snip>
But in other cases (e.g. auditing, gossiping), there's no
guarantee that the issuer cert (or issuer public key) is going to be
passed alongside the SCT.
Do we want to require people to pass the issuer cert (or issuer public
key?) alongside the cert in order to be able to verify the signature on
an SCT? If so, where is the best place to document that concern?
That seems like a good idea. Presumably we'd need to add a new
TransItem type to carry this information.
Makes sense. I think this should go into the gossip document rather
than 6962-bis.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
