We could also remove the subject field to save a bunch of space, but that would defeat the point of the certificate. Similarly, removing the public notice defeats the purpose of our relying party warranty. However, I do think we need to shorten the message and deliver it more efficiently.
Thanks for the heads up. Jeremy -----Original Message----- From: Rob Stradling [mailto:[email protected]] Sent: Wednesday, February 05, 2014 5:55 AM To: Jeremy Rowley Cc: [email protected]; 'Ben Laurie'; 'CABFPub'; [email protected] Subject: Re: [cabfpub] Updated Certificate Transparency + Extended Validation plan On 04/02/14 17:33, Jeremy Rowley wrote: <snip> > Adding 400 bytes per certificate will make EV certificates unusable by > entities concerned with performance. BTW Jeremy, in seeking to get some perspective on this issue, I notice that the current EV cert for www.digicert.com has a Certificate Policies User Notice that takes up 338 bytes! (2 bytes per character, 'cos for some reason you use a BMPString). "Any use of this Certificate constitutes acceptance of the DigiCert CP/CPS and the Relying Party Agreement which limit liability and are incorporated herein by reference" Is it really necessary to include this notice in each cert? Have any "entities concerned with performance" complained about it? You could save 169 bytes immediately by simply switching from BMPString to UTF8String! ;-) -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
