Opened 6 years ago

Closed 6 years ago

#136 closed defect (invalid)

inconsistent discussion of mis-issued certs and compliance

Reported by: kent@…
Owned by: draft-ietf-trans-rfc6962-bis@…
Priority: major
Milestone: review
Component: rfc6962-bis
Version:
Severity: -
Keywords:


Section 12.1 contradicts text in Section 9.2. 12.1 says that a mis-issued certificate that has not been logged is not compliant, whereas 9.2 says that any certificate not accompanied by an SCT is non-compliant. The discussion of the security implications of mis-issued certificates relative to logging is more accurately described in the attack/threat model. The Security Considerations section should use text from that document when addressing most of what is discussed in 12.1, 12.2, and 12.4.

Change History (2)

comment:1 Changed 6 years ago by benl@…

  • Milestone set to review

What is inconsistent about that? If a certificate has not been logged, it necessarily cannot be accompanied by an SCT and is therefore non-compliant.

comment:2 Changed 6 years ago by melinda.shore@…

  • Resolution set to invalid
  • Status changed from new to closed