Paul,

Still awaiting your feedback on this one.

________________________________
From: Trans <[email protected]> on behalf of Rob Stradling <[email protected]>
Sent: 02 October 2019 19:44
To: Paul Wouters <[email protected]>
Cc: Alissa Cooper <[email protected]>; Eran Messeri <[email protected]>; Trans <[email protected]>; Andrew Ayer <[email protected]>
Subject: Re: [Trans] overview of remaining(?) DISCUSS items for draft-ietf-trans-rfc6962-bis-33

Paul,

Does https://github.com/google/certificate-transparency-rfcs/pull/314 address your concern?

May I go ahead and merge this PR? (It's still not clear to me what the 6962-bis authors can or can't do at this point in the editing cycle).

________________________________
From: Eran Messeri <[email protected]>
Sent: 25 September 2019 17:11
To: Rob Stradling <[email protected]>
Cc: Paul Wouters <[email protected]>; Andrew Ayer <[email protected]>; Trans <[email protected]>; Alissa Cooper <[email protected]>
Subject: Re: [Trans] overview of remaining(?) DISCUSS items for draft-ietf-trans-rfc6962-bis-33

On Wed, Sep 25, 2019 at 12:16 PM Rob Stradling <[email protected]> wrote:

On 24/09/2019 18:38, Paul Wouters wrote:
> On Tue, 24 Sep 2019, Andrew Ayer wrote:
>
>>> While I agree with you, I am just a WG chair. So we need to hear a few
>>> more opinions of people and then if there is a consensus, we can go
>>> ahead and make this change.
>>
>> I'm also not sure what "this change" would be, but I agree with the
>> other comments here that CT shouldn't provide a mechanism for logs to
>> change URL.
>
> I meant the clarification text of Base URL change (versus a potential
> other consensus of text that would allow updating the base url)
>
> I'm not sure what the policy is for declaring a registry append only.
> Maybe leave a comment in for IANA whether or not that needs text?

In -33, section 10.6.1 says:

"Each application for the allocation of a Log ID MUST be accompanied by:

- the Log's Base URL (see Section 4.1).
- a Contact (including contact information), from whom further information can be obtained.
- an Owner (including contact information), who is authorized to change this Log ID allocation."

I think we should fold "Owner" and "Contact" into just one field named "Log Operator", and clarify that the only part of a Log ID Registry entry that can be updated is the log operator's contact information.

Also, given that log operators are permitted to allocate Log IDs from other OID arcs (see section 4.4), ISTM that we also need to update section 4.1 to say that a log's Base URL is immutable.

Furthermore, ISTM that it would help to be explicit about the immutability of each and every log parameter.

Here's a PR that attempts to resolve all of the above:
https://github.com/google/certificate-transparency-rfcs/pull/314

I agree with Rob and Ryan's stance - as demonstrated with 6962 deployment, client agility would address the issue of logs wanting to change their URLs (and I do not recall an occasion where having the ability to change just the log URL would have been helpful).

> Or alternatively, in the text for the Expert Review, mention the
> registry is strictly append-only ?

There is no Expert Review text relating to the Log ID Registry.

--
Rob Stradling
Senior Research & Development Scientist
Sectigo Limited

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
