Reposting on Jurgen's behalf, because this does add useful information to
the discussion of timing and what CAs other priorities are, which helps
make sure browsers (like us) are cognizant of the impact :)
On Fri, Jan 13, 2017 at 12:46 AM, Jürgen Brauckmann <brauckm...@dfn-cert.de>
> Am 12.01.2017 um 23:56 schrieb Ryan Sleevi via Public:
>> If it isn't - and CAA implementation is on your plans to implement - it
>> might help more if you could speak to what other improvements to online
>> security and safety Entrust is planning that would be more
>> important/valuable for the ecosystem than CAA.
> Well, I'm not Entrust, but our main challenge here is not the complexity
> of CAA, but the current requirements from Google Chrome: Getting
> Certificate Transparency right until 10/2017 takes a lot of effort.
> Deprecation of KEYGEN (as another browser-induced change which has a big
> impact on our systems) needs also quite a lot of resources.
> So, setting CAA's priority higher is all fine and nice, but having a
> possible dual deadline in autumn 2017 for CT/Chrome and CAA/Baseline
> Requirements is plain ugly.
> [You may repost my comment to the public list, thanks]
Public mailing list