Peter,
It's good that this potential problem has been identified, but it
ought to be addressed in 6962-bis, not via an action in the CABF context.
I say this for a few reasons:
- CABF cert policies do not apply to all cert that one might encounter
in a browser
- Eran has argued that CT applies to all TLS-based communications, not
just browser/web server interactions (I still disagree about this)
- 6962-bis wants to become an IETF standard and thus relying on an
external
spec to address a potential security concern is not appropriate.
If Rob can adjust text in 6962-bis to address this problem, that's the
preferred approach.
Steve
Ah, then ignore that question in the trans context. We can fix in the
CABF context.
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
