-
Notifications
You must be signed in to change notification settings - Fork 36
Explain how to ensure effective redaction #178
Conversation
(and how to avoid futile redaction)
👍 |
@robstradling I don't like the implication that redaction is a security mechanism. It could be a Privacy Consideration, although it also seems fine where it is currently. |
</list> | ||
</t> | ||
<t> | ||
CAs SHOULD carefully consider each request to redact a label. When a CA believes that redacting a particular label would be futile, the CA SHOULD NOT redact it. TLS clients may have policies that forbid redaction, so redaction should only be used when it's absolutely necessary and likely to be effective. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/SHOULD/should/g, as it's not a part of the protocol, but a recommendation for CAs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ditto for "it is RECOMMENDED that domain owners", I suppose.
I agree with Rob it'd make sense to move it to another section, probably the Security Considerations section (which could be renamed Security & Privacy considerations). Since this text does not prescribe specific behaviour of a party in the protocol, it shouldn't be among the technical details of how to do redaction (it may go unnoticed there). |
@eranmes PTAL |
LGTM, please squash before merging (you can now do that with the green button). |
Merged at 3068171 |
Issue google#176 - Remove `X509ChainEntry` and `PrecertChainEntryV2` Issue google#177 - Instructions for constructing leaf hash from cert + SCT Issue google#178 - Add description of how to validate an SCT Issue google#179 - Indicate certificate / precertificate in Entry and SCT
…+ SCT Also covers Issue google#178 - Add description of how to validate an SCT Note: This branch is on top of 179-indicate-precert-in-sct, so that branch should be merged first.
Detail the TransItem that has to be constructed as the input to the signature validation phase, when validating SCTs.
Detail the TransItem that has to be constructed as the input to the signature validation phase, when validating SCTs.
(and how to avoid futile redaction)