Opened 6 years ago

Closed 5 years ago

#178 closed defect (fixed)

Add description of how to validate an SCT

Reported by: rlb@… Owned by: eranm@…
Priority: major Milestone: review
Component: rfc6962-bis Version:
Severity: - Keywords:


The "Signed Certificate Timestamp (SCT)" section needs to explain how to
validate an SCT over a certificate; right now it is really non-obvious. You
need to grab certain elements from both the cert and the SCT and mash them
together properly.

This would also help explain why the SCT structure differs so much from the STH
structure, since the underlying reason is that the SCT is essentially a detached
signature, while the STH contains both the content and the signature.

Change History (6)

comment:1 Changed 6 years ago by rob.stradling@…

  • Component changed from client-behavior to to-be-decided

comment:2 Changed 5 years ago by eranm@…

I support that, it may belong in section 8.2.3.

comment:3 Changed 5 years ago by eranm@…

  • Component changed from to-be-decided to rfc6962-bis

comment:4 Changed 5 years ago by eranm@…

  • Owner changed from draft-ietf-trans-rfc6962-bis@… to eranm@…
  • Status changed from new to assigned

comment:6 Changed 5 years ago by melinda.shore@…

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.