Opened 6 years ago

Closed 5 years ago

#184 closed defect (fixed)

Remove unnecessary restrictions on clients

Reported by: rlb@…
Owned by: draft-ietf-trans-rfc6962-bis@…
Priority: minor
Milestone: review
Component: rfc6962-bis
Version:
Severity: -
Keywords:
Cc:

Description

It is always up to a relying party's local policy (1) which certificates it
considers valid, and (2) what it does in response to invalid certificates. So
the requirements in Section 8.2.5 and Section 8.2.8 should be deleted.

Change History (4)

comment:1 Changed 6 years ago by rob.stradling@…

  • Component changed from client-behavior to to-be-decided

comment:2 Changed 5 years ago by eranm@…

  • Component changed from to-be-decided to rfc6962-bis
  • Priority changed from major to minor

From in-person discussion with Richard:

  • Section 8.2.8 should be removed.
  • Section 8.2.5: the first paragraph should be removed; the second part should be changed to say that not only SCTs are accepted but also proofs.

This is out for review in https://github.com/google/certificate-transparency-rfcs/pull/241

comment:3 Changed 5 years ago by eranm@…

  • Milestone set to review

This was addressed in https://github.com/google/certificate-transparency-rfcs/pull/266 (which was merged after Rob's review: https://github.com/google/certificate-transparency-rfcs/commit/e987be68bbb6a9f787e2e51b1e7c67aa60449e00)

As discussed in person with Richard, Section 8.2.8 was removed and the language around compliance was changed to make it clear it is a client policy and clients may require SCTs, inclusion proofs or a combination of both.

comment:4 Changed 5 years ago by melinda.shore@…

  • Resolution set to fixed
  • Status changed from new to closed