On Monday, October 24, 2016, Melinda Shore <[email protected]> wrote:
> Hi, all: > > You may have seen the recent announcement from the Chrome > team that as of October 2017 certificates will need to comply > with Chrome's CT policy in order to be trusted. There was > also an invitation to discuss that on the trans mailing list. > This is a reminder that mailing list discussions need to > remain focused on the specifications being produced by the > working group - that is to say, policies related to > individual implementations are out of scope for the working > group except to the extent that they bear on decisions related > to our working group drafts. > > Many thanks, > > Paul and Melinda > > Apologies for that - in every message but the one posted here, I encouraged people to discuss the policies on [email protected], but that any use cases or concerns with the technical means should be brought to IETF. To that end, there was some discussion in person during the CA/Browser Forum's F2F (scheduled before we made the announcement) that attempted to explore various use cases for forms of redaction within certificates; information that CAs and site operators felt that transparency would be harmful, rather than helpful. As soon as the minutes become public, my hope is that further conversation about use cases for redaction will be channeled here, so that it may be used to assist in the production and work on a redaction draft that tries to capture these, as well as explore possible technical solutions. In the event the WG cannot find consensus on technical solutions, or for which the tradeoffs are seen as too large, or too specific to the Web PKI, then I think it is something to explore addressing via policy solutions, and the conversation migrates to either via [email protected] if they're specific to Chrome's plans, or [email protected] if there are specific solutions to explore. I mention all of this to echo support for avoiding a discussion of browser policy, or CA policy, on this list, except to the extent it affects the technical discussions being noted here.
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
