[cabfpub] [cabfman] Improving the security of EV Certificates
sleevi at google.com
Wed Dec 18 22:47:06 UTC 2013
On Dec 18, 2013 2:39 PM, "Eddy Nigg (StartCom Ltd.)" <eddy_nigg at startcom.org>
> On 12/19/2013 12:33 AM, From Hill, Brad:
>> Either I'm very naive or don't understand what you are up to here...
>> [Hill, Brad] I think that’s why Ryan suggested you review at least the
current draft of the pinning spec at the IETF.
> What I'm talking about doesn't need a spec and we aren't talking about
the same thing as I suspected.
> Of course one can make everything unnecessarily complicated...it's like
inventing a machine that scratches my back requiring a machinery of two
rooms when I could simply take my pencil to do the same.
At this point, I fear no one understands what you mean then, because you
keep calling it pinning, which you readily admit its not and that you are
not familiar with / do not understand the thing everyone else is calling
As such, without a clear understanding of what you propose (preferably
something not called pinning, so we can avoid this confusion), suggestions
that somehow this undocumented solution is a viable alternative to CT just
seems... obstructionist or argumentative?
I'd be thrilled if you could put to paper what your idea of pinning is,
since I fear we have just spent significant effort explaining something
that you feel it isn't.
> Eddy Nigg, COO/CTO
> StartCom Ltd.
> startcom at startcom.org
> Join the Revolution!
> Follow Me
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public