Ben,
On 18 August 2014 12:55, Stephen Kent <[email protected]> wrote:
Ben,
Thanks for the analysis you performed to start the discussion on
https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/_p8zRz5Em3s.
However, I believe that this discussion should move to the
TRANS list, since it addresses a topic that is squarely within
the scope of the CT standard, right?
Do you disagree?
I am not against there being a discussion in TRANS, but I think there
are two interlinked issues:
1. What signals CT provides for what kinds of certs.
2. What Chrome does in response to those signals.
Each has its own appropriate venue.
I agree that these are separate topics. But the overall question of whether
the proposal for redacted certs, as part of 6962-bis, is "safe" for both
DV and EV certs, is appropriate for this list. (It's the subject of an
issue tracker entry that I submitted.)
The topic of how a CT-compliant TLS client deals with a redacted cert,
of any type, is within scope for TRANS.
What Chrome does is not a subject for TRANS, since you have already stated
that Chrome will do whatever Google decides, irrespective of any TRANS
RFCs :-).
I am also mildly confused about how an RFC interacts with standards
that are not controlled by the IETF (i.e. the Base Requirements and
the Extended Validation requirements).
Well, RFC 6125 is an example of a standards track RFC that talks about EV
certs in the TLS context, so there is a precedent.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans