While not wanting to spam this list, I did just want to let participants know that the Chrome team has announced plans to that website certificates issued in October 2017 or later must comply with Chrome's Certificate Transparency Policy in order to be trusted in Chrome.
The full text of this announcement is at https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/78N3SMcqUGw As noted in that thread, we've encouraged CAs and sites to bring use cases to the IETF for discussion, particularly around redaction, to ensure that needs are being understood. However, we fully recognize that not everything has a technical solution - some of it may require policy action within either the CA/Browser Forum or browsers' root store requirements, rather than addressing within CT itself. However, we wanted to make sure that the technical venue of discussion was brought to the IETF, rather than the disparate groups it might otherwise occur (the CA/Browser Forum, browsers' security lists, private discussions) I'll be at IETF 97 as well, and happy to discuss any questions - on-list if it's not seen as off-topic, otherwise off-list, on the ct-policy@ list, or in-person in the next few IETFs. At present, the Chrome CT Policy requires RFC 6962. Support for 6962-bis, let alone requiring it, will be gated on the IETF process and industry adoption. Speaking solely with a "Chrome hat" (not quite individual hat), we're interested in making sure CT addresses' real world needs, rather than rushing through process. To be more explicit: This should neither be seen as a request to rush or to delay 6962-bis' progression, or of any of the other supporting documents :) We're hugely appreciative of all of the effort that the IETF participants have spent working on Certificate Transparency, both as 6962 and 6962-bis, and hopefully this counts as a ringing endorsement to the progress that both has been made and continues to be made within this space. On the topic of redaction, and for which new use cases continue to emerge, we're committed to engaging the community and finding the best solutions for the problems raised here in the IETF. Hopefully, this announcement will lead to even greater involvement and activity in this WG about both the problem space, and the possible solutions, around redaction. _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
