[cabfpub] Ballot 109 - Create SSL Performance Working Group

Gervase Markham gerv at mozilla.org
Tue Oct 15 02:17:52 MST 2013


On 15/10/13 05:34, Ben Wilson wrote:
> Ballot 109 – Create SSL Performance Working Group

Two instances of the same feedback makes a quorum; I'd like to modify my
ballot to add a reference to security.

I have used the word "acceptable" because to say anything more specific
would be to prejudge the discussions of the group. If members feel the
resulting advice does not lead to acceptable security, they would be
free to vote against adopting the documents. I don't want to say "best",
because e.g. 4096 is, in some small way, 'more secure' than 2048 but
almost certainly not enough so for this document to advise using slower
all-4096-bit chains.

New text:

> Scope: the Working Group shall consider all matters having a bearing on

the performance of

> software deployments which use SSL and the Web PKI. Examples might
> include: certificate contents, choice of proposed ciphers, webserver
> configuration, and OCSP configuration.
>
> Deliverables: the Working Group shall produce one or more documents
> giving best practice guidance for getting the best performance from a
> SSL deployment which uses the Web PKI

, while still providing acceptable levels of security.


Gerv


More information about the Public mailing list