On 10/10/16 23:01, Peter Bowen wrote:
> While I think the IETF is the right place for technical work on redaction,
> the IETF explicitly avoids work on policy.
> In the realm of CT, 6962bis section 4.2 includes the option to log a
> name-constrained intermediate CA in place of logging end-entity certificates.
> There has be no move to remove this from 6962bis. Assuming this remains
> included in the final RFC, does that mean Chrome will treat such certificates
> as logged?
> I agree that there should be discussion in less “insular” forums, but I also
> think there is value in discussion at the F2F.
ISTM that discussions on redaction have reached something of an impasse
lately. I don't see how TRANS can make any further useful progress on
redaction until there's at least some sort of a plan for addressing the
policy issues. And, as Peter noted, that ain't gonna happen at the IETF.
Plenty of IETF-related work happens first behind closed doors and then
is fed into the public IETF workspace for further comment and refinement.
I'll be blunt: Having you in the same room as representatives from
Symantec for a lively discussion seems to me like our best chance of
making any progress. :-)
Senior Research & Development Scientist
COMODO - Creating Trust Online
Public mailing list