On 11/13/17 10:21 PM, Ben Laurie wrote:
[...] The problem is revocation (or the lack of it).We actually know how to solve transparency for revocation, and what's more Trillian provides the necessary infrastructure, so I'm not entirely sure why we'd want to make the job of checking for misissued certs 100x more expensive rather than just making revocation work properly (which presumably could use the same underlying mechanism to determine revocation status).
+1 Cheers, Max -- Best Regards, Massimiliano Pala, Ph.D. OpenCA Labs Director OpenCA Logo
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
