On Fri, Sep 28, 2018 at 10:37 AM Tim Hollebeek <[email protected]> wrote:
> > > For what it's worth, I do not read 6962-bis as "very much being focused" on
> > > CA-based logging. Consider, for example, certificate subjects submitting
> > > certificates to logs, something that is done without CA involvement and can be
> > > done in response to (e.g.) Logs being distrusted or browsers increasing the
> > > required number of SCTs. It's unclear that CAs have as much incentive as
> > > subjects to be responsive to changing events in this way.
> >
> > SCTs have to be included in the certificate so logging by third parties does
> > not help with that problem.

This is not correct. Conforming clients MUST support all three methods of delivery of SCTs. No policy or statement in 6962-bis requires that SCTs "have to be included in the certificate". Perhaps you're conflating the requirement with SCTs for precertificates, which has been substantially overhauled in 6962-bis in light of the concerns around precertificates?

I'm not sure where this view comes from, that the dominant form is or should be CA-initiated logging, or that the intent of 6962-bis is to only countenance that scenario. Over the past 28 days, 46% of the SCTs Chrome has observed have come from the TLS extension, and 53% of them embedded within certificates. 0.01% have come from OCSP responses. This latter number is no doubt driven by at least three CAs who have a largely homogeneous user base (of government and public sector users) running on Microsoft-based services, that they were confident enough that they only needed to support OCSP embedding for their subscribers.

Any threat model design needs to consider 6962-bis as specified, which is to consider that these different approaches are all equally valid.
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
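The message's point is that an SCT is the same object whichever of the three channels delivers it: embedded in the certificate, sent in the TLS extension, or carried in an OCSP response. The parser below is an added example, not code from this thread or from any CT implementation. It uses the RFC 6962 (v1) wire format, which is an assumption on my part about what the Chrome numbers above refer to; the 6962-bis draft under discussion revises these encodings and is not handled here. The X.509 and OCSP extensions wrap the list in a DER OCTET STRING while the TLS extension carries it bare, which is the only channel-specific difference the code has to deal with. The sample SCTs are constructed, with dummy signatures that cannot be verified.

```python
"""Parse an RFC 6962 (v1) SignedCertificateTimestampList from any delivery channel.

Added example; not code from the trans thread. Channels and their wrapping
(as specified in RFC 6962, section 3.3):
  - x509: extension OID 1.3.6.1.4.1.11129.2.4.2, value is OCTET STRING { list }
  - ocsp: extension OID 1.3.6.1.4.1.11129.2.4.5, same wrapping
  - tls:  extension signed_certificate_timestamp (type 18), bare list
Sample data at the bottom is constructed and carries dummy signatures.
"""
import struct
from dataclasses import dataclass
from typing import List

SCT_V1 = 0


@dataclass(frozen=True)
class SCT:
    version: int
    log_id: bytes        # SHA-256 of the log's public key
    timestamp_ms: int    # milliseconds since the Unix epoch
    extensions: bytes
    hash_alg: int        # TLS HashAlgorithm (4 = sha256)
    sig_alg: int         # TLS SignatureAlgorithm (3 = ecdsa)
    signature: bytes     # not verified here; needs the log key and signed entry


def _take(buf: bytes, off: int, n: int):
    if off + n > len(buf):
        raise ValueError("truncated SCT data")
    return buf[off:off + n], off + n


def _u16(buf: bytes, off: int):
    raw, off = _take(buf, off, 2)
    return struct.unpack(">H", raw)[0], off


def parse_sct(data: bytes) -> SCT:
    """Parse one SerializedSCT (RFC 6962, section 3.2)."""
    raw, off = _take(data, 0, 1)
    version = raw[0]
    if version != SCT_V1:
        raise ValueError(f"unsupported SCT version {version}")
    log_id, off = _take(data, off, 32)
    raw, off = _take(data, off, 8)
    timestamp_ms = struct.unpack(">Q", raw)[0]
    ext_len, off = _u16(data, off)
    extensions, off = _take(data, off, ext_len)
    raw, off = _take(data, off, 2)          # SignatureAndHashAlgorithm
    hash_alg, sig_alg = raw[0], raw[1]
    sig_len, off = _u16(data, off)
    signature, off = _take(data, off, sig_len)
    if off != len(data):
        raise ValueError("trailing bytes after SCT")
    return SCT(version, log_id, timestamp_ms, extensions, hash_alg, sig_alg, signature)


def parse_sct_list(data: bytes) -> List[SCT]:
    """SignedCertificateTimestampList: u16 total length, then u16-prefixed SCTs."""
    total, off = _u16(data, 0)
    if total == 0 or off + total != len(data):
        raise ValueError("bad SignedCertificateTimestampList length")
    scts = []
    while off < len(data):
        n, off = _u16(data, off)
        body, off = _take(data, off, n)
        scts.append(parse_sct(body))
    return scts


def unwrap_octet_string(der: bytes) -> bytes:
    """Strip the DER OCTET STRING around the list in the X.509 / OCSP extensions."""
    if len(der) < 2 or der[0] != 0x04:
        raise ValueError("expected DER OCTET STRING")
    first = der[1]
    if first < 0x80:
        length, off = first, 2
    else:
        n = first & 0x7F
        length = int.from_bytes(der[2:2 + n], "big")
        off = 2 + n
    if off + length != len(der):
        raise ValueError("OCTET STRING length does not match")
    return der[off:off + length]


def scts_from_channel(channel: str, value: bytes) -> List[SCT]:
    """Dispatch on delivery channel; the SCT structure itself is identical."""
    if channel in ("x509", "ocsp"):
        return parse_sct_list(unwrap_octet_string(value))
    if channel == "tls":
        return parse_sct_list(value)
    raise ValueError(f"unknown channel {channel!r}")


def is_well_formed(channel: str, value: bytes) -> bool:
    try:
        scts_from_channel(channel, value)
        return True
    except ValueError:
        return False


# --- constructed sample data (not real SCTs; dummy signatures) ---------------
def _serialize_sct(log_id: bytes, timestamp_ms: int, signature: bytes) -> bytes:
    return (bytes([SCT_V1]) + log_id + struct.pack(">Q", timestamp_ms)
            + struct.pack(">H", 0)                       # no extensions
            + bytes([4, 3])                              # sha256, ecdsa
            + struct.pack(">H", len(signature)) + signature)


def _serialize_list(scts: List[bytes]) -> bytes:
    body = b"".join(struct.pack(">H", len(s)) + s for s in scts)
    return struct.pack(">H", len(body)) + body


SAMPLE_TLS_LIST = _serialize_list([
    _serialize_sct(b"\x11" * 32, 1538131020000, b"\x30\x06\x02\x01\x01\x02\x01\x02"),
    _serialize_sct(b"\x22" * 32, 1538131025000, b"\x30\x06\x02\x01\x03\x02\x01\x04"),
])
# The same list as the X.509 / OCSP extension value (116 bytes, short-form length).
SAMPLE_EXT_VALUE = bytes([0x04, len(SAMPLE_TLS_LIST)]) + SAMPLE_TLS_LIST

if __name__ == "__main__":
    for ch, val in (("tls", SAMPLE_TLS_LIST), ("x509", SAMPLE_EXT_VALUE), ("ocsp", SAMPLE_EXT_VALUE)):
        for sct in scts_from_channel(ch, val):
            print(ch, sct.log_id[:4].hex(), sct.timestamp_ms, sct.hash_alg, sct.sig_alg)
```

Parsing is the easy half. Verifying an SCT requires the log's public key and the signed entry, and that is where the channel does matter: an SCT embedded in the certificate was issued over a precertificate entry, while SCTs arriving by TLS extension or OCSP were issued over the final certificate, so a verifier has to reconstruct the right entry type for each. Feeding the wrong framing to the parser (a bare list where an OCTET STRING is expected, or vice versa) fails cleanly on the length checks rather than yielding garbage SCTs.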
