On Fri 2016-06-17 07:02:12 -0400, Eran Messeri wrote:
> In short: Rather than describe how the client should modify the labels in
> SAN extension to get to the redacted form that was logged, the issuer will
> generate the redacted SAN extension and log it, as a part of the
> TBSCertificate submitted to the log.
I like this proposal.
A clarification:
It took me a second to realize that the "redacted SAN extension" is
*also* present in the issued certificate, alongside the normal SAN
extension. the SCT is only over the TBSCertificate without the normal
SAN extension.
> Disadvantages:
> - The commonName in the subject field cannot be redacted this way.
This is not a problem. the CA/Browser Forum Baseline requirements say
that the commonName in the Subject field is "Deprecated (Discouraged,
but not prohibited)"
A user who really cares about redaction can simply leave out the
commonName in the Subject field.
I also think Andrew Ayer's extension of this proposal (the "Redacted
Labels Salt" extension) is an elegant fix to the remaining technical
concern about redacted SCT abuse.
I would support their inclusion in 6962-bis.
--dkg
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
