On Tue, Jan 24, 2017 at 1:32 PM, Linus Nordberg <[email protected]> wrote:
> Melinda Shore <[email protected]> wrote > Wed, 11 Jan 2017 05:55:49 -0900: > > > Working group last call will close on Wednesday, 1 February. > > Seems to me like none of the browser vendors have any plans on > implementing CT Gossip as specified in this draft. Therefore I suggest > we cancel last call for gossip and try to change the draft into > something that at least one browser vendor is willing to support. > > Please don't hesitate to comment on the contents of the draft though. > The authors are still interested in specifying something useful for > catching misbehaving CT logs. > I think it's more a question of whether we expect we can have running code to implement that draft, so that we can build rough consensus. It's not that Chrome is opposed to the Gossip draft - merely, that we haven't even begun to plan to implement/experiment with it, so can't really comment on. To be fair, we're sort of in this same issue with RFC 6962-bis, in my opinion - the economics of the Web PKI make it hard to get the "running code" part that allows us to build the "rough consensus" - so it's hard to know whether or not it's ready to maturate past WGLC. In other spaces, such as TLS WG, we're in a much better place to implement and iterate in a virtuous cycle. I mention this because I don't want you to feel that we (browsers) are either rejecting the Gossip draft or holding it hostage - just that there are enough moving parts or in-fight activities that we've not had a chance yet to fully explore this space in a way that can lead to good feedback. However, I do think Gossip is an important part of CT's future, and want to get to a place where we can really explore the draft, implement, and provide feedback. Unfortunately, I don't know if the IETF really has a good way of "This is good and important work, has what seems like a lot of good and important ideas, but let's keep this on the burner until more implementations exist" :(
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
