No problem, I knew what you meant.  I just wanted to fish the topic out of your 
long email and emphasize it.


Since I’m on a plane on a Friday afternoon, and need some mindless work, I 
collected some references to refresh people’s memories:


Maybe on my flight on Tuesday I’ll have time to actually READ the links instead 
of just collecting them and posting them 😊




From: Ryan Sleevi [] 
Sent: Friday, March 2, 2018 9:24 AM
To: Tim Hollebeek <>
Cc: CA/Browser Forum Public Discussion List <>; Paul Hoffman 
Subject: Re: [cabfpub] [Ext] BR Authorized Ports, add 8443


For sure. Apologies if that was worded confusing - we're hugely supportive of 
SRVNames, but solving the technical and policy issues around them is thorny and 
will require technical expertise, and I think most of the technical expertise 
of the Forum has been otherwise occupied by a number of more pressing matters 
(adoption of Certificate Transparency, strengthening of validation methods, 
reducing certificate lifetimes, etc)


On Fri, Mar 2, 2018 at 11:20 AM, Tim Hollebeek < 
<> > wrote:

We’re willing to continue talking through those issues in an attempt to reach a 
solution.  I do think SRVNames would be a useful improvement.  For us, the lack 
of movement has had more to do with time constraints than technical constraints!


While SRVNames do offer a way to scope the authority to a particular service 
(on any port), there's been no movement towards adopting them in the CA/Browser 
Forum, due to the issues they would have with technically constrained sub-CAs. 


Attachment: smime.p7s
Description: S/MIME cryptographic signature

Public mailing list

Reply via email to