This is taken from Ben Kaduk’s DISCUSS ballot; it can be found within https://datatracker.ietf.org/doc/draft-ietf-trans-rfc6962-bis/ballot/ I’d like input from the WG, but all three items require input from Ben.
In 2.1.4.1 “Generating a Consistency Proof”: > If m <= k, the right subtree entries D[k:n] only exist in the current > tree. We prove that the left subtree entries D[0:k] are consistent > and add a commitment to D[k:n]: > > SUBPROOF(m, D_n, b) = SUBPROOF(m, D[0:k], b) : MTH(D[k:n]) > >This 'b' is always 'false', right? Does “this b” mean the one on the right-hand side of the equal sign? And if so, does the WG have an answer to the question? I believe this refers to the table in 5.5 “Retrieve Merkle Inclusion Proof, Signed Tree Head and Consistency Proof by Leaf Hash”: >Similarly, we talk about "index of requested hash", which is at least >unambiguous (IIUC), but we don't give a description of how the server >could/should determine. I think this is up to the implementation and need not be documented. Does anyone disagree with that? On 11.1, “Misissued Certificates” Ben wrote: >This seems to be making some unstated assumptions, including perhaps >that someone has actually submitted the misissued certificate in >question to a log (in order to support the claim that the maximum time >it can be used without audit is twice the MMD). I don't see the assumptions, can you give more details? In particular, I don't see the "perhaps someone submitted" assumption. I can’t do anything without more input.
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
