[cabfpub] Potential F2F Topics
rob.stradling at comodo.com
Tue Oct 11 10:36:09 UTC 2016
On 10/10/16 23:01, Peter Bowen wrote:
> While I think the IETF is the right place for technical work on redaction, the IETF explicitly avoids work on policy.
> In the realm of CT, 6962bis section 4.2 includes the option to log a name-constrained intermediate CA in place of logging end-entity certificates. There has be no move to remove this from 6962bis. Assuming this remains included in the final RFC, does that mean Chrome will treat such certificates as logged?
> I agree that there should be discussion in less “insular” forums, but I also think there is value in discussion at the F2F.
ISTM that discussions on redaction have reached something of an impasse
lately. I don't see how TRANS can make any further useful progress on
redaction until there's at least some sort of a plan for addressing the
policy issues. And, as Peter noted, that ain't gonna happen at the IETF.
Plenty of IETF-related work happens first behind closed doors and then
is fed into the public IETF workspace for further comment and refinement.
I'll be blunt: Having you in the same room as representatives from
Symantec for a lively discussion seems to me like our best chance of
making any progress. :-)
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public