Opened 7 years ago

Closed 6 years ago

#121 closed defect (wontfix)

log metadata dissemination

Reported by: kent@… Owned by: draft-ietf-trans-rfc6962-bis@…
Priority: major Milestone: review
Component: rfc6962-bis Version:
Severity: - Keywords:
Cc:

Description

After Prague I agreed that log metadata can be supplied by browser vendors for TLS clients that are browsers. However, max chain length, which was just discussed on the list (11/16-17/15), is an example of metadata that needs to be acquired by CAs, just like the public key for a log. The text in Section 9 needs to say more about how non-browser log clients are expected to acquire this data, or maybe it should say that separate docs defining requirements for each of these types of log clients will discuss this issue.

Change History (4)

comment:1 Changed 7 years ago by kent@…

Adding to my issue description above, this Section (9.1) fails to state the notion that all of this metadata is static for the life of a log, except for the Final STH.

comment:2 Changed 6 years ago by eranm@…

I agree that log metadata dissemination is a topic that should be more thoroughly discussed at some point. However, I do not think that 6962-bis is the right place for it.

Steve has a very valid point about metadata not being specified in a machine-readable format, nor having a part of the protocol describing how it is disseminated.

I believe these issues should be addressed separately from 6962-bis, because:

  • The topic of log metadata is one level "above" what 6962-bis discusses.
  • The requirements for metadata dissemination are very different for each type of client.
  • Disseminating metadata reliably is a protocol in itself, which (once the requirements are clear) deserves its own design.

My suggestion is to punt the discussion until after 6962-bis is out. Presumably then there would be enough different clients implementing 6962-bis that disseminating metadata would justify more efforts from this workgroup.

comment:3 Changed 6 years ago by eranm@…

  • Milestone set to review

comment:4 Changed 6 years ago by melinda.shore@…

  • Resolution set to wontfix
  • Status changed from new to closed

This will need to be revisited in a different document.
