Opened 6 years ago

Closed 5 years ago

#165 closed defect (fixed)

Remove unnecessary operational restrictions on logs

Reported by: rlb@… Owned by: eranm@…
Priority: major Milestone: review
Component: to-be-decided Version:
Severity: - Keywords:
Cc:

Description

The following restrictions are stated with RFC 2119 MUST language, but they are
not requirements of the protocol:

  • "Log operators MUST NOT impost any conditions on retrieving or sharing data from the log"
  • "the log MUST veirfy that [a submitted cert] has a valid signature chain to an accepted trust anchor"

These are fine things for log clients to enforce in policy (and probably good
ideas in general), but they're not requirements of the protocol. Indeed, you
could imagine private logs running for special purposes that would want to
violate these terms.

Let's just change these to SHOULD.

Change History (4)

comment:1 Changed 6 years ago by rob.stradling@…

  • Component changed from client-behavior to to-be-decided

comment:2 Changed 5 years ago by eranm@…

  • Owner changed from draft-ietf-trans-rfc6962-bis@… to eranm@…
  • Status changed from new to assigned

comment:3 Changed 5 years ago by eranm@…

  • Milestone set to review

Landed.

comment:4 Changed 5 years ago by melinda.shore@…

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.