[cabfpub] Updated Certificate Transparency + Extended Validation plan
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Wed Feb 12 15:40:01 MST 2014
On 02/10/2014 06:28 PM, From Chema López González:
> Have anyone take into account the current position of EJBCA
> <http://blog.ejbca.org/2013/09/certificate-transparency-and.html>, a
> mayor player in this stuff of digital certificates?
And I want to see how CAs will struggle when they issue one thing
initially as a pre-certificate and then place something else into the
actual certificate and mess with their entire infrastructure maintaining
multiple PKI trees. Or will poke holes the size of a football field into
their infrastructure in order to get the desired result. And eventually
simply drop pre-certificates entirely. That's in the best case, it the
worse case they either got hacked at some point or messed up their PKI
trees with who issued what when at which time and to whom...good luck
with that.
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20140213/ae6f89f2/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20140213/ae6f89f2/attachment.bin
More information about the Public
mailing list