On Wed, Oct 24, 2012 at 10:09 AM, Rick Andrews <[email protected]> wrote:
> It's not a question of being unable to modify our software. As a > representative of Symantec, I will tell you that modifying our issuance code > will be a very tough sell, for a number of reasons: > - There's no obvious direct return on investment > - For some types of certificates, speed of issuance is very important. > Getting a CT proof will slow this down and cause it to fail if the log server > isn't up 100% of the time. > - It makes sense to avoid relying on external parties to fulfill part of our > cert issuance process. At this point, it's unclear who would even host a log > service, what SLA they would provide, how much attention they would pay to > performance and availability, disaster recovery, etc. > - Symantec would not be interested in hosting a log service because of > unclear ROI. CT makes CAs less valuable targets. I'd call that ROI. _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
