Matt Palmer <[email protected]> wrote Sat, 18 Oct 2014 10:44:00 +1100:
| > Since the purpose of the log is to put light on bad certificates, would | > it make sense to instead have text 1) specifying a minimum of checks to | > be done (i.e. the chain) and 2) encouraging logging and publishing of | > all other certificates? | | IMO, yes. My opinion is that a log which rejects certificates for reasons | other than those required to maintain the operation of the log (ie spamming) | is worthless -- you're *not* getting a complete view of what a CA intended | to issue, you're getting some sort of filtered, sanitised view of it. Thanks, this is my view as well. Happy to try to provide text unless other people on the list have a good case against this. | > On a minor note, I think that "trusted" in the very first sentence | > should be changed to "known. Should I use the issue tracker? | | I've been advised that for small, non-controversial changes, submitting a | pull request direct to the github repo is fine. Thanks, did that. _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
