(Benjamin Kaduk) Discuss
3) inconsistency / conflicts about the minimum array size of NodeHash
I don't see any issue. I looked for NodeHash and found three places:
a) 4.9 Merkle Tree Head
opaque NodeHash<32..2^8-1>
which says the size MUST match the log's HASH_SIZE
b) 4.11 Merkle Consistency Proofs
NodeHash consistency_path<1..2^16-1>;
This is a vector (array) of NodeHash items, as the text mentions.
c) 4.12 Merkle Inclusion Proofs
NodeHash inclusion_path<1..2^16-1>;
This is also a vector (array) as described in the text.
I think Ben is wrong here.
4) Section 6 on OCSP contains language no longer applicable for the
latest TLS version 1.3.
This should be extended to cover 1.3 (or replaced to only cover 1.3
and no earlier versions??)
https://github.com/google/certificate-transparency-rfcs/pull/320
5) Need for "greater clarity on the (non-)usage of CT for TLS client
certificates"
Perhaps Benjamin can clarify this request with some more details?
https://github.com/google/certificate-transparency-rfcs/pull/319
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
