Opened 7 years ago

Closed 6 years ago

#126 closed defect (fixed)

text leaves open the possibility that a submitter might not verify the returned SCT

Reported by: david@… Owned by: rob.stradling@…
Priority: major Milestone: review
Component: rfc6962-bis Version:
Severity: - Keywords:
Cc:

Description

From https://tools.ietf.org/html/draft-ietf-trans-rfc6962-bis-10#section-3:

The submitter SHOULD validate the returned SCT as
described in Section 9.2 if they understand its format and they
intend to use it directly in a TLS handshake or to construct a
certificate.

This wording begs the question of when a submitter ought NOT verify the returned SCT.

Change History (6)

comment:1 Changed 7 years ago by rob.stradling@…

I can't think of any case where a submitter MUST NOT or SHOULD NOT verify a returned SCT.

If we don't have anything to say, why attempt to say it?

comment:2 follow-up: Changed 7 years ago by eranm@…

I agree with Rob.
Cases where a submitter may not need to verify the returned SCT is when it's submitting certificates for the purpose of making them known publicly. This is clearly covered by the current text.

David, was there a particular case in mind where the standard should specify a submitter ought NOT to verify the returned SCT?

comment:3 in reply to: ↑ 2 Changed 7 years ago by david@…

Replying to eranm@…:

I agree with Rob.
Cases where a submitter may not need to verify the returned SCT is when it's submitting certificates for the purpose of making them known publicly. This is clearly covered by the current text.

Sorry, I must have missed the discussion of that case. Could you point me to the text that talks about that case?

David, was there a particular case in mind where the standard should specify a submitter ought NOT to verify the returned SCT?

No, I think verification is great. I just think that this "SHOULD" should be accompanied by an explanation of the consequences of not performing the verification. That way implementors will be able to make an informed decision whether or not to verify an SCT in a particular case. Or, if there's no case in which verification should be skipped, then the "SHOULD" should be a "MUST".

comment:4 Changed 6 years ago by rob.stradling@…

  • Owner changed from draft-ietf-trans-rfc6962-bis@… to rob.stradling@…
  • Status changed from new to assigned

comment:6 Changed 6 years ago by melinda.shore@…

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.