On 24/09/2019 18:38, Paul Wouters wrote:
> On Tue, 24 Sep 2019, Andrew Ayer wrote:
>
>>> While I agree with you, I am just a WG chair. So we need to hear a few
>>> more opinions of people and then if there is a consensus, we can go
>>> ahead and make this change.
>>
>> I'm also not sure what "this change" would be, but I agree with the
>> other comments here that CT shouldn't provide a mechanism for logs to
>> change URL.
>
> I meant the clarification text of Base URL change (versus a potential
> other consensus of text that would allow updating the base url)
>
> I'm not sure what the policy is for declaring a registry append only.
> Maybe leave a comment in for IANA whether or not that needs text?

In -33, section 10.6.1 says:

"Each application for the allocation of a Log ID MUST be accompanied
by:
- the Log's Base URL (see Section 4.1).
- a Contact (including contact information), from whom further
  information can be obtained.
- an Owner (including contact information), who is authorized to
  change this Log ID allocation."

I think we should fold "Owner" and "Contact" into just one field named
"Log Operator", and clarify that the only part of a Log ID Registry
entry that can be updated is the log operator's contact information.

Also, given that log operators are permitted to allocate Log IDs from
other OID arcs (see section 4.4), ISTM that we also need to update
section 4.1 to say that a log's Base URL is immutable.

Furthermore, ISTM that it would help to be explicit about the
immutability of each and every log parameter.

Here's a PR that attempts to resolve all of the above:
https://github.com/google/certificate-transparency-rfcs/pull/314

> Or alternatively, in the text for the Expert Review, mention the
> registry is strictly append-only ?

There is no Expert Review text relating to the Log ID Registry.
--
Rob Stradling
Senior Research & Development Scientist
Sectigo Limited
_______________________________________________
Trans mailing list
https://www.ietf.org/mailman/listinfo/trans