On Wed, Sep 19, 2018 at 12:57 AM Melinda Shore <[email protected]> wrote:
> Ryan, thanks for the thorough review. One thing you did > not address, and I'm guessing that was deliberate, was whether > or not you felt that the effort needed to resolve the issues you > raise is a good investment - that is to say, will lead to a > useful document. > I think it's very useful to have a document like this, and even with the issues noted, I'm hugely appreciative of Stephen putting in this work to capture the state so far. I worry that the structural issues potentially mean a large amount of effort to resolve - the prose itself rests on that hierarchy and structure, and thus even if all the attacks remain the same, the amount of prose change to accommodate that is rather large. At the same time, I'm not sure I see a good way to resolve some of the issues that result from the current layout. The same concern applies to the discussion about syntax violations and Logs checking. A significant amount of text is dedicated to the discussion of possible remediations, and to find consensus on that seems like it will be a large effort. Other elements are hopefully more minor to address, and largely involve removing text - speculating about motivations or speaking in absolutes as to solutions are both examples of text that can be largely removed without impacting the section or the overall document too negatively. At the end of the day, it sets out to do what it says on the tin - it provides /an/ attack model for CT. It's a model with issues, as would be expected of most models, and while I don't think it reflects the model that either 6962 or 6962-bis have been considering, it definitely captures some of the attacks. That it misses attacks that are of great concern to CAs and Log Operators is most unfortunate, but an understandable result of the fact that both the policy discussions and the deployment scenarios have been and are largely outside of the IETF. I may have missed some emails Rich has seen, but I've seen major issues raised during each WGLC that's been attempted that have required substantial changes. At the end of the day, we have to ship it, or not. I lean towards not, and though it's an incredibly valuable and appreciated start, I don't think it gives a sufficient picture of considerations for potential CT-aware clients, Monitors, Logs, or CAs, even if it has some of the necessary bits.
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
