[cabf_validation] Validation Summit Takeaways

Tim Hollebeek tim.hollebeek at digicert.com
Mon Mar 12 10:33:01 MST 2018

I think this is a great strategy.




From: Validation [mailto:validation-bounces at cabforum.org] On Behalf Of Doug Beattie via Validation
Sent: Monday, March 12, 2018 10:27 AM
To: Wayne Thayer <wthayer at mozilla.com>; CA/Browser Forum Validation WG List <validation at cabforum.org>
Subject: Re: [cabf_validation] Validation Summit Takeaways


Hi Wayne,


During the meetings we discussed threats and vulnerabilities and we should continue documenting them per each method.  Since this won’t be a reflection of the meeting (can’t be in the meeting notes), where do you suggest we build on what was discussed so everyone understands the risks of the methods?  


For example, I think if we better understand the attacks possible for method 1, we may be able to specify sufficient safeguards (same for methods 9 and 10 with the addition of ALPN).  I think your Google Doc jumps to the recommended solutions without discussing the issues with the method as it stands.  I recommend adding a table to each method before you get into the details with:

*	Risk – what can go wrong
*	Mitigation: How do you reduce the risk (which might contain the items you’ve listed already
*	Discussion – how we think this mitigation works, or doesn’t. 


I’ll go ahead and do this for method 9 and you can accept, comment, or REJECT my suggestions :)  If this is the way to proceed, then the person that presented the methods might want to do the same.




From: Validation [mailto:validation-bounces at cabforum.org] On Behalf Of Wayne Thayer via Validation
Sent: Wednesday, March 7, 2018 9:26 AM
To: CA/Browser Forum Validation WG List <validation at cabforum.org <mailto:validation at cabforum.org> >
Subject: [cabf_validation] Validation Summit Takeaways


Thanks to everyone who participated in the validation summit yesterday. I've heard a number of positive remarks on the amount of progress we made.


The list of action items that we reviewed at the end of the day is at:




Feel free to add comments to the document.


The next step for the Validation Working Group is to prioritize the work and then begin drafting and discussing ballots that implement these improvements.





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20180312/5ab0318f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/validation/attachments/20180312/5ab0318f/attachment-0001.p7s>

More information about the Validation mailing list