[cabfpub] Question on CT: Monitoring

kirk_hall at trendmicro.com kirk_hall at trendmicro.com
Fri Dec 20 03:26:37 UTC 2013

Ryan – on this one narrow point below – I would estimate that 99.9% of site owners / CA customers do not believe they are at any risk of false certificate issuance for their domains and do now want or expect their issuing CAs to be (voluntarily and unasked) monitoring all the CT logs in the world for them.

Plus (based on an earlier hypothetical in an email), I expect some (many?) of our customers would be at least mildly offended if our company (who supplies them with certs in North America, let’s say) suddenly emailed them with the message “Hey, we noticed some certs for your domains issued by some small CA in Europe – those must be fake, right?” and would see it as a pretty heavy handed marketing effort by us to capture 100% of their SSL business.

I really don’t see that kind of CT log monitoring as a useful or welcome market service to most SSL customers, unless they specifically ask a CA to monitor all the CT logs in the world for them and send them reports.  I predict most customers won’t be very interested in this service (especially if there is a fee), but who knows?

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ryan Sleevi
Sent: Thursday, December 19, 2013 8:17 PM
To: Rick Andrews
Subject: Re: [cabfpub] Question on CT: Monitoring

“What is the reasoning behind the belief that most monitors will be operated by CAs?” My guess is that it’s because we have the relationship with the customer.

Exactly that. CAs are in the best position to know who their customers are, and already have channels with their customers. Whether or not a CA cares about protecting their users against misissuance is, of course, up to each individual CA, but considering how much has been said about the need to "restore trust in the ecosystem" - much of which has been lost due to CA misissuance or misbehaviour - it seems very much in line with the business interests of CAs to offer this.

<table class="TM_EMAIL_NOTICE"><tr><td><pre>
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131220/ffd58ee6/attachment-0003.html>

More information about the Public mailing list