[cabfpub] [cabfman] Improving the security of EV Certificates

Ryan Sleevi sleevi at google.com
Wed Dec 18 15:47:06 MST 2013


On Dec 18, 2013 2:39 PM, "Eddy Nigg (StartCom Ltd.)" <eddy_nigg at startcom.org>
wrote:
>
>
> On 12/19/2013 12:33 AM, From Hill, Brad:
>>
>>
>> Either I'm very naive or don't understand what you are up to here...
>>
>>
>>
>> [Hill, Brad] I think that’s why Ryan suggested you review at least the
>> current draft of the pinning spec at the IETF.
>>
>>
>>
>> http://tools.ietf.org/html/draft-ietf-websec-key-pinning-09
>
>
> What I'm talking about doesn't need a spec and we aren't talking about
> the same thing as I suspected.
>
> Of course one can make everything unnecessarily complicated...it's like
> inventing a machine that scratches my back requiring a machinery of two
> rooms when I could simply take my pencil to do the same.
>
>

Eddy,

At this point, I fear no one understands what you mean then, because you
keep calling it pinning, which you readily admit it's not and that you are
not familiar with / do not understand the thing everyone else is calling
pinning.

As such, without a clear understanding of what you propose (preferably
something not called pinning, so we can avoid this confusion), suggestions
that somehow this undocumented solution is a viable alternative to CT just
seem... obstructionist or argumentative?

I'd be thrilled if you could put to paper what your idea of pinning is,
since I fear we have just spent significant effort explaining something
that you feel it isn't.

Cheers,
Ryan

>
> Regards
>
> Signer:
> Eddy Nigg, COO/CTO
>
> StartCom Ltd.
>
>