I'm also in favor of this change. I would further suggest that this list be required to be consistent, monotonically increasing and that the results of this API be something that monitors exchange information about.
On Thu, May 4, 2017 at 8:28 AM Andrew Ayer <[email protected]> wrote: > On Thu, 4 May 2017 13:41:59 +0100 > Eran Messeri <[email protected]> wrote: > > > I'm looking for feedback on the proposal to add an API endpoint which > > would provide access to historical STHs issued by the log ( > > https://trac.ietf.org/trac/trans/ticket/163). > > > > I personally think it's a good idea to have such an API since it'd > > allow auditing a log for past compliance with the MMD requirement. > > > > Rob Stradling has sent a PR > > <https://github.com/google/certificate-transparency-rfcs/pull/200/> > > for this. > > I support adding this endpoint, and I think it should be mandatory. > > In addition to helping monitors, this endpoint would allow a TLS client > vendor (e.g. Mozilla) to aggregate all the STHs for a log and ship them > in bulk to clients so that clients can easily verify a stapled > inclusion proof without needing to make any network access. That > should please Mozilla. > > Regards, > Andrew > > _______________________________________________ > Trans mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/trans >
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
