Thanks, Rick.  

I can add more about the dynamic nature of some root stores to Section 2.1.

In 2.2, I wasn't sure what to say because I didn't think I should speak for
Mozilla, even though it's been explained to me that those responsible for
NSS/Firefox prefer a click-through failure because it may tend to alert the
server administrator that there is a problem and they need to install a
chain properly.  In order to say that, I think someone needs to point me to
an official statement of that rationale so that I can reference it
officially.

In 3.1 and beyond, I'll make those replacements of "should" like I did above
in Section 2.   

In Section 3.4, I can tone down the security concerns a bit, but the problem
is that the statements are true in a generic sense.  Basically, I am trying
to take advice from the last telephone call we had and hit the security
concerns, e.g., "why do we care?" or, in other words, what is significant
about each particular category of behavior, and why did PKIX frame the
security design as such?  Are you saying that because I do not reveal a
specific zero-day threat that I've observed, I'm therefore precluded from
mentioning how that latent vulnerability might be exploited?  I can make it
more clear that we're addressing the generic issues and not the specifics,
if that helps.

Thanks again for your review and comments - they do help - significantly.

Cheers,

Ben

 

From: wpkops [mailto:[email protected]] On Behalf Of Rick Andrews
Sent: Tuesday, June 10, 2014 6:04 PM
To: [email protected]; [email protected]
Subject: Re: [wpkops] Preliminary Next Version of Browser Behavior Draft

 

Ben,

 

I reviewed what I think is the latest draft at
https://tools.ietf.org/html/draft-wilson-wpkops-browser-processing-01, not
the Word doc attached to the previous message.

 

Section 2.1: Is it worth pointing out that root stores are not fixed? Not
only can they be extended via automatic download (as you pointed out), but
enterprises can add and remove roots (as often happens in Windows
environments) and browser users can manually add or remove roots or modify
trust bits. Document readers may not be aware of those other possibilities.

 

Section 2.2: It might be helpful to readers to explain here why Firefox does
not do "AIA chasing". In other words, they don't see it as a missing
feature; they choose to fail on incomplete chains, and a case can be made as
to why this behavior is preferable to the behavior of other browsers. Or do
we just want to point out differences among browsers without trying to
explain why those differences exist (where we understand why)?

 

Section 3.1 The introduction says "This document reviews the current
processing behaviors...", but this Section is full of "should"s. I suggest
it needs to be rewritten to factually describe current behavior.

 

Section 3.4 seems speculative and not descriptive of current browser
behavior.

 

Section 3.5 Header is not in bold.

 

Section 4.3 Shouldn't say "browsers should" ;^)

 

-Rick

 

From: wpkops [mailto:[email protected]] On Behalf Of Ben Wilson
Sent: Tuesday, May 27, 2014 2:13 PM
To: [email protected]
Subject: Re: [wpkops] Preliminary Next Version of Browser Behavior Draft

 

Here is another draft with suggested changes from Santosh accepted, and the
addition of "Security Considerations" subsections, based on our discussions
of May 13th. 

 

 

From: wpkops [mailto:[email protected]] On Behalf Of Ben Wilson
Sent: Tuesday, May 13, 2014 9:44 AM
To: [email protected]
Subject: [wpkops] Preliminary Next Version of Browser Behavior Draft

 

Here is a first pass through the browser behavior document that I sent to
Robin and Santosh yesterday.


_______________________________________________
wpkops mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/wpkops
