On Fri, 10 Jun 2016 15:31:07 +0100 Rob Stradling <[email protected]> wrote:
> Steve, > > I consider the consensus of this WG to be "the definitive > expert". :-) > > FWIW though, I concur with Andrew's attack description and impact > characterization. Regarding fixing it: I'd rather nuke the redaction > option than add further complexity. I think the removal of redaction should be considered. For those who haven't been following Chrome's ct-policy list, Chrome has announced that they will not be supporting redaction, at least until a list of concerns is addressed: https://groups.google.com/a/chromium.org/d/msg/ct-policy/fCt4Bm03GsI/jBbqE_QWBQAJ Addressing those concerns may require additional standardization (e.g. a CAA property for domain owners to opt-in to redaction). If there's still interest in redaction, it could be done in a future document, along with the necessary work to make it acceptable to Chrome. In the meantime, someone might find a simpler way to address this attack. Regards, Andrew _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
