Since there were no replies to Eran's post (below), and since Eran's preference was to reject https://github.com/google/certificate-transparency-rfcs/pull/295, we have not merged this PR.

I don't think anybody's changed their position on this matter, but nobody's proposed alternative text or suggested a way forward that satisfies everybody.

Since this was the last remaining item to address before A-D Review resumes, I propose to reject PR#295 and invite the Chairs to ask EKR to resume his A-D review on version -29 of the document.

On 28/09/2018 15:26, Eran Messeri wrote:
Hi all,

I'm hoping to get WG consensus on whether we want the section about "preventing tracking clients" in 6962-bis or not, particularly in light of the recent document status change to "experimental" (Pending PR <https://github.com/google/certificate-transparency-rfcs/pull/295>).

Those in favour of removing it suggested that it precludes the use of an RSA mode that is otherwise recommended and that gossip is not yet defined so it's premature to take it into consideration in a standards-track document.

Those in favour of leaving it pointed out that building a gossip mechanism without those properties would be very hard.

Personally I think this section should be left in since it will make privacy-preserving auditing of logs ever harder than it currently is, there are two methods for achieving that mentioned in the section (deterministic signature schemes & caching of signed artefacts) and it is strongly suggested (SHOULD), not mandated (MUST) - the way I see it, it's a property that the log generally should have as it would make auditing easier and allow "STH discipline" but would not break the system if the log occasionally produces duplicate signatures for the same STH / submission.

Regards,
Eran

--
Rob Stradling
Senior Research & Development Scientist
Email: [email protected]
Bradford, UK
Office: +441274730505
ComodoCA.com

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
