Ryan Sleevi mentioned there was a discussion about CT at the CA/Browser Forum meeting last week. While the minutes are not yet published, I have posted the a set of slides based on the ones I presented at the Forum. They are available at http://www.slideshare.net/pzb/balancing-customer-privacy-with-transparency
The original set of slides was intended to kick off a discussion; the version I posted has some updates based on the discussion. The most notable parts, in my opinion, are related to reasons people want privacy instead of full transparency: * Binding of domain name to corporate entity (domain name uses proxy registration) * PII in certain certificate types (Qualified?) * Overly descriptive labels in FQDNs (provides a blueprint of network topology) * Disclosure of confidential projects (e.g. newthing.example.com or fordacquisition.gm.com) – may become public at a future point _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
