Opened 7 years ago

Last modified 7 years ago

#151 new defect

Architecture document: Only the leaf cert + timestamp are in the SCT

Reported by: eranm@… Owned by: draft-ietf-trans-threat-analysis@…
Priority: major Milestone:
Component: threat-analysis Version:
Severity: - Keywords:


In section 3.1:
The sentence saying "hashing it with information from other log submissions." is incorrect. The SCT only covers the the end-entity certificate and timestamp, not the entire chain nor other entries in the log.

Change History (2)

comment:1 Changed 7 years ago by kent@…

Proposed text change:
The log creates an entry for the terminal certificate in the chain, and returns this Signed Certificate Timestamp (SCT) to the submitter.

comment:2 Changed 7 years ago by eranm@…

SGTM, with the extra benefit of not repeating information that's already in another document.

Note: See TracTickets for help on using tickets.