On Wed, Jun 15, 2016 at 7:24 AM, Eran Messeri <[email protected]> wrote:
> On Wed, Jun 15, 2016 at 3:08 PM, Salz, Rich <[email protected]> wrote:
>> And it should not limit privacy to those with deep pockets.
>
> This is where I truly lack data/insight. From a technical perspective,
> redaction with a name-constrained intermediate is equivalent to redaction
> of domain name labels but I don't know how much more work it is for a CA to
> set up (technical arguments on why they may not be equivalent are _very_
> relevant to this discussion).
> Redaction can also be achieved by certificates with wildcards, so the only
> reason (I can see) to use 6962-bis redaction is to redact multiple levels of
> a domain name.
The WebTrust for CA criteria require a full ceremony to generate CA keys (see section 4.1 in http://www.webtrust.org/homepage-documents/item54279.pdf). This is not cheap to execute. Each subordinate also needs to be configured in the CA's systems. Additionally, many HSMs do have finite space -- so massively increasing the number of subordinates may require purchasing more HSMs. So a new intermediate is by no means free.

Thanks,
Peter

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
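The two redaction techniques compared in Eran's quoted reply (a name-constrained intermediate versus a wildcard leaf) can be checked against a real path validator. The Go program below is an added example, not code from this thread or from the Trans working group: it builds a constructed test PKI with Go's standard crypto/x509 package (a root, an intermediate whose critical NameConstraints permit only "example.com", and a few leaves), then asks the verifier which hostnames each leaf is valid for. The domain names, serial numbers and certificate subjects are constructed values. It shows what a relying party actually enforces: the constrained intermediate covers any depth below example.com and rejects a leaf outside its subtree, while a single wildcard SAN covers only one label, which is Eran's argument for why 6962-bis redaction is only needed to hide multiple labels.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// signCert signs tmpl with signer (self-signed when parent is nil) and
// returns the parsed certificate.
func signCert(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Hierarchy is a constructed test PKI: one root and one name-constrained
// intermediate (keys are generated in memory, never persisted).
type Hierarchy struct {
	Root, Inter *x509.Certificate
	interKey    *ecdsa.PrivateKey
}

// NewHierarchy builds a root and an intermediate whose critical NameConstraints
// permit only the given DNS subtree, e.g. "example.com". If the intermediate
// were logged instead of its leaves, that subtree is all a CT observer learns.
func NewHierarchy(permittedDomain string) (*Hierarchy, error) {
	rootKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	interKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now()
	rootTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Constructed Test Root"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	root, err := signCert(rootTmpl, nil, &rootKey.PublicKey, rootKey)
	if err != nil {
		return nil, err
	}
	interTmpl := &x509.Certificate{
		SerialNumber:                big.NewInt(2),
		Subject:                     pkix.Name{CommonName: "Constructed Constrained Intermediate"},
		NotBefore:                   now.Add(-time.Hour),
		NotAfter:                    now.Add(24 * time.Hour),
		IsCA:                        true,
		BasicConstraintsValid:       true,
		KeyUsage:                    x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
		PermittedDNSDomainsCritical: true,
		PermittedDNSDomains:         []string{permittedDomain},
	}
	inter, err := signCert(interTmpl, root, &interKey.PublicKey, rootKey)
	if err != nil {
		return nil, err
	}
	return &Hierarchy{Root: root, Inter: inter, interKey: interKey}, nil
}

// IssueLeaf issues a server certificate with the given DNS SANs under the
// intermediate. Issuance itself does not check name constraints; that is the
// verifier's job, which is exactly what ValidFor exercises.
func (h *Hierarchy) IssueLeaf(serial int64, dnsNames []string) (*x509.Certificate, error) {
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now()
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: dnsNames[0]},
		DNSNames:     dnsNames,
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	return signCert(tmpl, h.Inter, &leafKey.PublicKey, h.interKey)
}

// ValidFor reports whether leaf chains to the root for host. Go's verifier
// enforces both the intermediate's name constraints and wildcard matching here.
func (h *Hierarchy) ValidFor(leaf *x509.Certificate, host string) bool {
	roots := x509.NewCertPool()
	roots.AddCert(h.Root)
	inters := x509.NewCertPool()
	inters.AddCert(h.Inter)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters, DNSName: host})
	return err == nil
}

// Compare issues three leaves under the constrained intermediate and reports,
// keyed by "<leaf>/<host>", whether each hostname validates.
func Compare() (map[string]bool, error) {
	h, err := NewHierarchy("example.com")
	if err != nil {
		return nil, err
	}
	exact, err := h.IssueLeaf(3, []string{"secret.example.com", "deep.secret.example.com"})
	if err != nil {
		return nil, err
	}
	wild, err := h.IssueLeaf(4, []string{"*.example.com"})
	if err != nil {
		return nil, err
	}
	outside, err := h.IssueLeaf(5, []string{"secret.other.org"}) // outside the permitted subtree
	if err != nil {
		return nil, err
	}
	return map[string]bool{
		"constrained/secret.example.com":      h.ValidFor(exact, "secret.example.com"),
		"constrained/deep.secret.example.com": h.ValidFor(exact, "deep.secret.example.com"),
		"constrained/secret.other.org":        h.ValidFor(outside, "secret.other.org"),
		"wildcard/secret.example.com":         h.ValidFor(wild, "secret.example.com"),
		"wildcard/deep.secret.example.com":    h.ValidFor(wild, "deep.secret.example.com"),
	}, nil
}

func main() {
	res, err := Compare()
	if err != nil {
		panic(err)
	}
	for k, v := range res {
		fmt.Printf("%-40s %v\n", k, v)
	}
}
```

The "outside" leaf is issued without error, which is the point worth noticing: a name constraint is only as good as the validators that honour it, so a CA relying on constrained intermediates for redaction still needs its own issuance controls, and that is on top of the key ceremony and HSM capacity costs Peter describes.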
