[Servercert-wg] Ballot SC22: Reduce Certificate Lifetimes
Tobias S. Josefowitz
tobij at opera.com
Mon Aug 19 16:52:08 MST 2019
On Mon, 19 Aug 2019, Ryan Sleevi wrote:
> Part of the concern is that while DigiCert's post in this thread didn't
> acknowledge the selection method, DigiCert's past communications from
> not-yet-public calls made it clear that they were not after an objective
> selection, and were carefully curating the list of customers solicited for
> feedback. That is, while presented as "a customer survey" and "an
> overwhelming number of customers", it was in fact a limited sample of
> certain "high-value" customers, and thus at best "an overwhelming number of
> hand-selected customers who responded to the survey".
> While I certainly understand that academic rigor is not the objective here,
> it's important to consider these facts when evaluating the results DigiCert
> shared. I also wanted to help DigiCert here; as they're laboriously working
> to summarize respondents' free-form text results, if the survey was
> spoiled, or if the desired objective was fundamentally unobtainable due to
> the selection method, perhaps it's not worth that effort and not worth
> further discussion? That surely would save time and energy, which could
> then be used for more productive engagement?
I will explicitely refrain from sharing my opinion regarding CA's
possibilities for community outreach and communication of the motivation
of the proposed shortening of certificate lifetimes.
However, in my eyes, there can be no doubt that this change is/will be
vastly unpopular with web site operators by the numbers, and I do not
think that, in this regard, conducting surveys to begin with will add much
perspective, nor do I think that debating the merits of any such survey
should or could possibly be focal to the issue.
That is, unless you would change your perspective on the issue if a clean
survey roughly reproduced the results presented by digicert. In which
case, by all means, we should go for it. Otherwise, maybe we should just
shortcut this and possibly come to f.x. the understanding that we do not
expect universal acclaim for this proposal from site operators, never
expected it to receive such universal acclaim, that it was instead
proposed on different merits entirely and move on in the discssion.
More information about the Servercert-wg