Yes - the API isn't public yet, but I'll see if I can share the documentation.
Thanks Rob! -----Original Message----- From: Rob Stradling [mailto:[email protected]] Sent: Thursday, June 11, 2015 9:33 AM To: Jeremy Rowley; [email protected] Cc: Matt Palmer Subject: Re: [Trans] Log Monitoring API On 11/06/15 16:20, Jeremy Rowley wrote: > Hi Rob - we'd like to get involved Great. I thought you might. Thanks Jeremy. > as we already have an API for our cert monitoring software. Can you share any documentation? This would be a useful input to our initial discussions. > -----Original Message----- > From: Trans [mailto:[email protected]] On Behalf Of Rob Stradling > Sent: Thursday, June 11, 2015 5:16 AM > To: [email protected] > Cc: Matt Palmer > Subject: [Trans] Log Monitoring API > > 6962-bis notes that: > "Those who are concerned about misissue can monitor the logs, asking > them regularly for all new entries, and can thus check whether > domains they are responsible for have had certificates issued that > they did not expect." > > If you act as a monitor yourself, you can be sure that the logs you're > monitoring aren't misbehaving. You don't have to trust the logs. > > However, if you use the services of a third-party monitor instead (which I > expect most domain owners would prefer to do), then you have to trust that > that third-party monitor isn't hiding any certs from you. > > Therefore, ISTM that some domain owners might want to be able to use the > services of multiple independent monitors simultaneously. > > To facilitate this, it would be useful to define a standard API for querying > a monitor. This API would allow callers to search for certs issued to a > particular domain name/space, setup notifications of (mis-)issuance, etc. > > Matt Palmer and I are planning to start work on a -00 draft soon. If anyone > else would like to get involved, please let us know. -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
