On 17/08/15 18:24, 'Adam Eijdenberg' via certificate-transparency wrote:
(posted to [email protected], [email protected]
and [email protected])
<snip>
Lookahead:
- We're very interested in exploring how we make it viable for a
site-owner to be able to opt-in to requiring CT, ahead of any general
browser-enforced deadlines. We would welcome participation in helping
define what this might look like in a manner that would work well for
both browsers and site-owners.
Adam,
RFC 7633: "X.509v3 Transport Layer Security (TLS) Feature Extension"
This newly standardized certificate extension could be used to signal
that the TLS server MUST send the CT TLS extension.
I realize that this may not suit many early adopters, since few deployed
servers support the CT TLS extension yet. But I figured it was worth
mentioning.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
