Unfortunately, the concerns have not been addresses. I pointed out in a
message on April 26 that the text still incorrectly referring to the
malicious CA issuing the bogus EE certificate as two CAs, and my message
was ignored.
Byran Ford sent a message on May 19 agreeing that the current text is
"rather strange." Steve Kent just responded by adding more text to the
document rationalizing his decision to refer to the malicious CA as "two
CAs."
So, the text is still unnecessarily confusing and it still contains
information that is technically incorrect.
On 06/08/2016 02:47 PM, Melinda Shore wrote:
Hi, all:
We'd like to restart working group last call on the threat
analysis draft
(https://datatracker.ietf.org/doc/draft-ietf-trans-threat-analysis/)
but I wanted to make sure that any serious concerns have been
addressed. In particular, it seems as if there may be some
unresolved questions about the conspiring CA attack identified
by DKG.
Do you all feel that the document is ready for working group
last call, and that any issues blocking it from being sent on
to the IESG have been resolved?
Thanks,
Melinda
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
