<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Feb 4, 2014 at 6:38 PM, Jeremy Rowley <span dir="ltr"><<a href="mailto:jeremy.rowley@digicert.com" target="_blank">jeremy.rowley@digicert.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I’m confused as well. Does that mean Android will start showing an EV indicator?<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><div><div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> therightkey [mailto:<a href="mailto:therightkey-bounces@ietf.org" target="_blank">therightkey-bounces@ietf.org</a>] <b>On Behalf Of </b>Wayne Thayer<br>
<b>Sent:</b> Tuesday, February 04, 2014 7:33 PM<br><b>To:</b> Ryan Sleevi<br><b>Cc:</b> <a href="mailto:therightkey@ietf.org" target="_blank">therightkey@ietf.org</a>; Ben Laurie; <a href="mailto:certificate-transparency@googlegroups.com" target="_blank">certificate-transparency@googlegroups.com</a>; CABFPub<br>
<b>Subject:</b> Re: [therightkey] [cabfpub] Updated Certificate Transparency + Extended Validation plan<u></u><u></u></span></p></div></div><div><div class="h5"><p class="MsoNormal"><u></u> <u></u></p><blockquote style="border:none;border-left:solid #b5c4df 4.5pt;padding:0in 0in 0in 4.0pt;margin-left:3.75pt;margin-right:0in">
<div><div><div><blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in"><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif""><u></u> <u></u></span></p>
</div></blockquote><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">Hi Wayne,<u></u><u></u></span></p></div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif""><u></u> <u></u></span></p>
</div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">Considering we already do not indicate EV on Android, nor have we ever, I don't think this perceived loss of functionality is as significant as you may believe.<u></u><u></u></span></p>
</div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif""><u></u> <u></u></span></p></div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">Further, considering the very real and distinct performance characteristics of mobile (radio warmups, RTTs, initcwnds), the idea of fetching OCSP, or, worse, CRLs - especially when some CAs have CRLs that are quite large (20+ MB) - in order to assure the EV display is... non-ideal. So again, the EV indicator on mobile is not as strong or as present as it may be on desktop platforms.<u></u><u></u></span></p>
</div></div></div></div></blockquote><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif""><u></u> <u></u></span></p></div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">In that case, what does this statement mean?<u></u><u></u></span></p>
</div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif""><u></u> <u></u></span></p></div><div><p style="margin:0in;margin-bottom:.0001pt"><span style="font-size:8.5pt;font-family:"Helvetica","sans-serif"">Chrome for mobile platforms will cease to show EV indicators for certificates that are not CT qualified according to the criteria below.</span></p>
</div></div></div></div></div></blockquote><div><br></div><div>It means that for any CAs that hope to be recognized as EV on Chrome for mobile platforms (which include iOS), implementing CT by the dates outlined is seen as a requirement for such treatment. We wanted to specifically call attention to this - the whitelist is seen as a temporary measure for Desktop, but given the unique characteristics of mobile platforms, we're pursuing this requirement at a more aggressive pace.</div>
<div><br></div><div>While Chrome for Android - and the Chrome-based WebView, as the WebView preceding it - do not provide special treatment for EV, any future plans for EV indications on these platforms have incorporated the above requirements and dates.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><div><div class="h5"><div><p style="margin:0in;margin-bottom:.0001pt">
<span style="font-size:8.5pt;font-family:"Helvetica","sans-serif""><u></u><u></u></span></p><p style="margin:0in;margin-bottom:.0001pt"><span style="font-size:8.5pt;font-family:"Helvetica","sans-serif""><u></u> <u></u></span></p>
<p style="margin:0in;margin-bottom:.0001pt"><span style="font-size:8.5pt;font-family:"Helvetica","sans-serif""><u></u> <u></u></span></p></div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif""><u></u> <u></u></span></p>
</div><blockquote style="border:none;border-left:solid #b5c4df 4.5pt;padding:0in 0in 0in 4.0pt;margin-left:3.75pt;margin-right:0in"><div><div><div><div><div><blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">-----Original Message-----<br>From: therightkey [mailto:<a href="mailto:therightkey-bounces@ietf.org" target="_blank">therightkey-bounces@ietf.org</a>] On Behalf Of Ben<br>
Laurie<br>Sent: Tuesday, February 04, 2014 10:08 AM<br>To: CABFPub; <a href="mailto:certificate-transparency@googlegroups.com" target="_blank">certificate-transparency@googlegroups.com</a>;<br><a href="mailto:therightkey@ietf.org" target="_blank">therightkey@ietf.org</a><u></u><u></u></span></p>
</div><div><p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">Subject: [therightkey] Updated Certificate Transparency + Extended<br>Validation plan<u></u><u></u></span></p>
</div><div><div><p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">Enclosed, our revised plan.<br><br>Comments welcome.<u></u><u></u></span></p>
</div></div><div><div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif"">_______________________________________________<br>Public mailing list<br><a href="mailto:Public@cabforum.org" target="_blank">Public@cabforum.org</a><br>
<a href="https://cabforum.org/mailman/listinfo/public" target="_blank">https://cabforum.org/mailman/listinfo/public</a><u></u><u></u></span></p></div></div></blockquote></div><p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Calibri","sans-serif""><u></u> <u></u></span></p>
</div></div></div></div></blockquote></div></div></div></div></blockquote></div><br></div></div>