[cabfpub] New RFC on CT Domain Label Redaction
rob.stradling at comodo.com
Mon Nov 6 14:20:35 UTC 2017
On 03/11/17 23:23, Kirk Hall via Public wrote:
> Entrust, Secom, Comodo, and other CAs will be asking the IETF TRANS
> Working Group to revive work on a new RFC to complete specifications for
> CT Domain Label Redaction (called “Redaction” for short in this
> message). The new RFC would only cover technical issues and not policy
> The RFC for Certificate Transparency, RFC 6962, started to address
> Redaction, but never completed the work because of policy issues that
> were raised about “recourse”, or how domain owners would be able to
> obtain information about redacted certificates that were CT logged to
> determine if they were legitimate or misissued.
> This email is to lay out the course we want to follow to complete the
> technical specs for Redaction in the IETF, and also to address the
> recourse issues and consider appropriate changes to the Forum’s Baseline
> Requirements in response.
> *_1. New IETF effort on completing Redaction specifications via a new RFC_*
> Tadahiko of Secom and Rob Stradling of Comodo are working on a new I-D
> draft on Redaction that will be presented to the IETF TRANS Working
> Group for consideration. Tadahiko will present the draft at the next
> IETF meeting in Singapore in mid-November.
Just to clarify my involvement:
Tadahiko has written an I-D  that focuses on some specific use cases
for domain label redaction. These are the use cases that Tadahiko is
most interested in, and so naturally these are the use cases that he
wants to talk about at IETF100 in Singapore.
The domain label redaction I-D  that was spun out of 6962-bis has
expired, but I would be willing to resume working on it *if* progress
can first be made on addressing the policy concerns raised by Google
last year and *if* some other folks will volunteer to help with the effort.
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public