<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body ><div>Hi Eddy,</div><div><br></div><div>According to Ryan CT should work without precerts (precerts are preferred but ocsp responses should be sufficient), however I haven't looked to this option closely yet.</div><div><br></div><div>Thanks,</div><div>M.D.</div><div><br></div><div><br></div><div><div style="font-size:75%;color:#575757">Sent from Samsung Mobile</div></div><br><br><br>-------- Original message --------<br>From: "Eddy Nigg (StartCom Ltd.)" <eddy_nigg@startcom.org> <br>Date: 21/02/2014 01:35 (GMT-08:00) <br>To: Ryan Sleevi <sleevi@google.com> <br>Cc: Dean Coclin <Dean_Coclin@symantec.com>,Rick Andrews <Rick_Andrews@symantec.com>,public@cabforum.org <br>Subject: Re: [cabfpub] CT discussion at CABF <br> <br><br>
<br>
On 02/21/2014 05:46 AM, From Ryan Sleevi:
<blockquote cite="mid:CACvaWvaGF61JXzFAWAA-1hJ1dHgoWE_DNY0okTSLi29pCC32qQ@mail.gmail.com" type="cite">
<div dir="ltr">I want to avoid that situation, because it's clear
you're unhappy, but it's inevitable without more constructive
feedback.
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div link="blue" vlink="purple" lang="EN-US">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"></span></p>
<p><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><span>-<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Don’t
rush into this, because we’re likely to make
mistakes if we have to rush. Not just the CAs;
there are a lot of moving parts here. I heard
someone say “you can’t make fundamental changes to
a complex trust system very quickly”.</span></p>
</div>
</div>
</blockquote>
<div>While I can appreciate a sentiment of "Don't rush",
this is a very vague sentiment that is not actionably
concrete. What, for example, constitutes a rush?</div>
</div>
</div>
</div>
</blockquote>
<br>
For me it's when CT can be supported without the need of
pre-certificates. The time it requires to update third party
software is basically the right time.<br>
<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</body>