Opened 7 years ago

Closed 7 years ago

#43 closed defect (wontfix)

key rollover

Reported by: kent@…
Owned by: draft-ietf-trans-rfc6962-bis@…
Priority: major
Milestone:
Component: rfc6962-bis
Version:
Severity: -
Keywords:


Section 9 alludes to key rollover, but does not address how this important feature is supported in CT. A description of how logs will effect key rollover, and how clients will deal with it, securely, is needed.

Change History (1)

comment:1 Changed 7 years ago by eranm@…

  • Resolution set to wontfix
  • Status changed from new to closed

Will not fix because the feasible way to change a log's key is to freeze it and start a new one.
The alternative is to build into all data structures an indication of which key was used to sign the SCTs, coordination with TLS clients on when to switch to the new key, etc. I think it's a significant complexity to add for no real benefit - freezing a log and starting a new one is much simpler conceptually (and is operationally as complex as key rollover, if not less).

Note that policies of TLS clients for recognizing a log, although out of scope for the trans wg, could have different requirements for logs from new operators vs logs from recognized operators that would like to use a different key for their log.
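To make the trade-off in the comment concrete, the following is an added Go sketch (not code from the rfc6962-bis draft, the trans working group, or the commenter) of the "freeze the log and start a new one" approach from the relying party's side. It assumes, as RFC 6962 does, that a log's id is the SHA-256 of its public key, so a new key is by construction a new log id and the client's log list needs no per-SCT "which key" field; Ed25519 and the ad-hoc signed-data encoding are stand-ins for the real SCT signature scheme and TLS-struct encoding, chosen only to keep the example self-contained. The `FrozenAt` timestamp is the assumed client-side policy that a frozen log issues no SCTs after its freeze time.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Log is one CT log as the client's log list records it: a public key, the
// id derived from it, and (once the operator has stopped issuing) a freeze
// time. Assumption: id = SHA-256(public key), the RFC 6962 LogID derivation,
// so rolling the key produces a new id, i.e. a new log entry in the list.
type Log struct {
	ID       [32]byte
	PubKey   ed25519.PublicKey
	FrozenAt uint64 // 0 while the log still issues SCTs (assumed policy field)
}

// SCT is a simplified signed certificate timestamp.
type SCT struct {
	LogID     [32]byte
	Timestamp uint64
	Signature []byte
}

// LogList is the client's recognised-log list. Rollover = add the successor
// log, then freeze the predecessor; nothing in the SCT format changes.
type LogList map[[32]byte]*Log

func LogID(pub ed25519.PublicKey) [32]byte { return sha256.Sum256(pub) }

// signedData is a stand-in encoding of what the log signs: log id,
// timestamp (big-endian), then the entry bytes.
func signedData(logID [32]byte, ts uint64, entry []byte) []byte {
	var tsBuf [8]byte
	binary.BigEndian.PutUint64(tsBuf[:], ts)
	buf := make([]byte, 0, 32+8+len(entry))
	buf = append(buf, logID[:]...)
	buf = append(buf, tsBuf[:]...)
	return append(buf, entry...)
}

// IssueSCT is the log-side operation.
func IssueSCT(priv ed25519.PrivateKey, ts uint64, entry []byte) SCT {
	id := LogID(priv.Public().(ed25519.PublicKey))
	return SCT{LogID: id, Timestamp: ts, Signature: ed25519.Sign(priv, signedData(id, ts, entry))}
}

// VerifySCT is the client-side check: look the log up by id, verify the
// signature under that log's key, and reject SCTs a frozen log claims to
// have issued after it stopped.
func (l LogList) VerifySCT(sct SCT, entry []byte) error {
	lg, ok := l[sct.LogID]
	if !ok {
		return errors.New("unknown log id")
	}
	if !ed25519.Verify(lg.PubKey, signedData(sct.LogID, sct.Timestamp, entry), sct.Signature) {
		return errors.New("bad signature")
	}
	if lg.FrozenAt != 0 && sct.Timestamp > lg.FrozenAt {
		return errors.New("SCT timestamped after log was frozen")
	}
	return nil
}

// Rollover adds the successor log (new key, new id) and freezes the
// predecessor at the given time. Returns the successor's id.
func (l LogList) Rollover(oldID [32]byte, newPub ed25519.PublicKey, at uint64) [32]byte {
	if old, ok := l[oldID]; ok {
		old.FrozenAt = at
	}
	id := LogID(newPub)
	l[id] = &Log{ID: id, PubKey: newPub}
	return id
}

// Demo runs a rollover with constructed keys and returns whether each of
// four SCTs verifies: pre-freeze from the old log, post-freeze from the old
// log, from the successor log, and one carrying the old id but the new key.
func Demo() (oldBeforeOK, oldAfterOK, newOK, crossKeyOK bool) {
	oldPub, oldPriv, _ := ed25519.GenerateKey(rand.Reader)
	newPub, newPriv, _ := ed25519.GenerateKey(rand.Reader)
	entry := []byte("constructed precert entry")

	list := LogList{}
	oldID := LogID(oldPub)
	list[oldID] = &Log{ID: oldID, PubKey: oldPub}

	early := IssueSCT(oldPriv, 1000, entry) // issued while the old log was active
	list.Rollover(oldID, newPub, 2000)      // old log frozen at t=2000, successor added
	late := IssueSCT(oldPriv, 3000, entry)  // old key used after the freeze
	fresh := IssueSCT(newPriv, 3000, entry) // issued by the successor log

	// Old log's id, new log's key: the client verifies under the key it has
	// registered for that id, so this must fail without any key indicator.
	cross := SCT{LogID: oldID, Timestamp: 1500,
		Signature: ed25519.Sign(newPriv, signedData(oldID, 1500, entry))}

	return list.VerifySCT(early, entry) == nil,
		list.VerifySCT(late, entry) == nil,
		list.VerifySCT(fresh, entry) == nil,
		list.VerifySCT(cross, entry) == nil
}

func main() {
	a, b, c, d := Demo()
	fmt.Println("pre-freeze SCT from old log:", a)
	fmt.Println("post-freeze SCT from old log:", b)
	fmt.Println("SCT from successor log:", c)
	fmt.Println("old id signed with new key:", d)
}
```

The point the sketch makes is the one in the comment: because the client already maps log id to exactly one key, a rollover is just a log-list update (add successor, record freeze time on the predecessor), and the only client-side policy question is the freeze cut-off; embedding a key indicator in every SCT would add a second lookup dimension for no extra assurance.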
