On Sep 10, 2012, at 3:21 PM, Stephen Farrell wrote:
>
> Hiya,
>
> If you want a BoF, then you need to do the required dance;-)
>
> "2012-09-24 (Monday): Cutoff date for BOF proposal requests to Area
> Directors at UTC 24:00. To request a BOF, please see instructions on
> Requesting a BOF." [1]
>
> Sean and I remain interested in folks' opinions about having this
> BoF. So far I've seen about a dozen-ish "I'm interested in
> something here" responses, a good chunk from folks who do good
> work around the IETF; one negative comment off-list (saying its
> not baked), and have seen a just a couple of folks say they'd
> do work.
>
> That's not bad, but nowhere near overwhelming either, so more
> input would be appreciated, preferably on the list.
Stephen,
I am very supportive of the BoF.
Certificate Transparency addresses a real problem that no other public key
infrastructure tweaks do. It permits any party to survey the landscape of
public certificates and do meaningful security analysis. It is also a modest
protocol that doesn't interfere with existing operations.
Many of us doubt the public web certificate infrastructure runs without someone
cheating. We take as an article of faith that someone somewhere is issuing
bogus certificates for whatever nefarious purpose. Usually that is some vague
surveillance, if not outright espionage. (For what it's worth, I subscribe to
that faith.)
CT has the value that CAs, relying parties, end users, and interested third
parties can look at the landscape of certificates and catch inconsistencies. It
allows us put some actual faith into trust. It allows us to see what is going
on in a system that we all use. We need CT. It would be good to have it develop
under the aegis of the IETF.
Jon
_______________________________________________
therightkey mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/therightkey
