On 29/07/16 00:31, Ryan Sleevi wrote:
<snip>
I think it's also useful to compare the logging of redacted certificates
(which at least one CA is doing with their own non-conforming log) against
those publicly logged certificates. If you do, you'll see the same thing I
am: redaction is hard for users to get right, and often results in
'obviously wrong' things. We could blame the CA for making it too easy,
but I also think it's reasonable to suggest that perhaps it's not as
important as some have claimed.

For a quick sample, consider:
- https://crt.sh/?serial=7f90c4250ef1f03f96fbe59fcb807857 : Redacted "www"
- https://crt.sh/?serial=7fe0023277563c51af6c299e9baed126 : Redacted "www"
- https://crt.sh/?serial=132c3fd48f0bb6391200e9f56d43272d : Redacted "www"
- https://crt.sh/?serial=2c1fa499a25405936098e31404c2dc8e : Redacted "mystatus", despite it being a well-known URL

Hi Ryan.

FYI, here's a snapshot I just generated of all the "redacted precertificates" and (where known to CT) the corresponding certificates:
https://crt.sh/reports/20160729_redacted-precertificates.html

(See also https://crt.sh/redacted-precertificates - generated in realtime using the latest data; very slow to load; sometimes falls victim to crt.sh's automated long-running-query killer)

Is the ecosystem harmed by those mistakes? I would argue yes, but I know
others would argue no. Regardless, I think this is something that spans
beyond just the tech, involves questions that we (in the TRANS group) are
not well suited to answer, and feels very much like something better
removed into a separate spec and the full discussions about the tradeoffs
can happen there.

We're going round in circles again.  :-(

Please review the "Name redaction - stay or go?" thread from 6 weeks ago [1]. FWIW, I too proposed moving redaction to a separate doc [2], but the chairs did not direct us to take this course of action.

There are plenty of folks with a strong preference to leave redaction in 6962-bis, and there are plenty of folks with a strong preference to remove redaction from 6962-bis.

How on earth are we going to get this document through Last Call?

It's very clear that the people actively participating
are passionate about the tech, but I think the issues go beyond the tech,
and I'd hate to see us settle on an incomplete or unsuitable solution.

+1


[1] https://mailarchive.ietf.org/arch/msg/trans/DCIS3dwb-QbYY4ttZwlCd_zmmXY

[2] https://mailarchive.ietf.org/arch/msg/trans/046Cv3IQTNzNRq8LUQJsPMNeCTo

--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
