On Oct 1, 2014, at 7:54 AM, David Leon Gil <[email protected]> wrote:

> On Wed, Oct 1, 2014 at 10:32 AM, Stephen Kent <[email protected]> wrote:
>> If a "broader scope" means using more ambiguous terms, I can't see why that
>> would be an improvement.
>> It has the flavor of "CT is obviously good, so let's just do it."
>
> Okay. You've convinced me.
>
> So: I've disabled syslog on all my servers. I can't define a-priori
> what security issues logging might detect. Thus there's no point in
> logging anything.

1. If CT were as useful and usable as syslog, I'd have fewer problems with it.
2. syslog does not claim to "make it impossible to [xyz hacker thing] without detection", whereas such claims have been made about CT [1].
3. Nor is syslog presenting it as an IETF security-related protocol.
4. syslog isn't "overtly forcing" [2] architectural changes upon anyone based on aforementioned false claims.

Kind regards,
Greg Slepak

[1] http://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/
[2] https://twitter.com/Cryptoki/status/514866111968706560

--
Please do not email me anything that you are not comfortable also sharing with the NSA.
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
