search

alecmuffett / certificate-transparency

Automatically exported from code.google.com/p/certificate-transparency
0 stars 0 forks source link

Improve log entry wire protocol description for ASN1.Cert #26

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Wire protocol description for log entries (RFC 6962 section 3.1, pg 11) should 
be enhanced to note that format for certificates (ASN1.Cert) is specified in 
TLS RFC 5246. 

Suggest adding following text to RFC 6962:

 ...The final certificate MUST be a root
   certificate accepted by the log.

Certificates and pre_certificates are encoded using the TLS wire format 
(ASN.1Cert) for certificate encoding as specified in RFC 5246.

Original issue reported on code.google.com by wgou...@gmail.com on 15 Jan 2014 at 12:16

GoogleCodeExporter commented 9 years ago 
RFC6962 already covers this.

Sect. 1.2:

Data structures are defined according to the conventions laid out in Section 4 
of [RFC5246].

and Sect 3.1:

opaque ASN.1Cert<1..2^24-1>;

These two define the wire format unambiguously.

(I guess I wasn't clear when explaining this to you before: we simply use the 
same definition as RFC5246 explicitly in our RFC, so a reference is not needed.)

Original comment by ekasper@google.com on 15 Jan 2014 at 10:51