[cabfpub] [therightkey] Updated Certificate Transparency + Extended Validation plan

Ryan Sleevi sleevi at google.com
Wed Feb 5 02:48:40 UTC 2014


On Tue, Feb 4, 2014 at 6:38 PM, Jeremy Rowley <jeremy.rowley at digicert.com>wrote:

> I’m confused as well.  Does that mean Android will start showing an EV
> indicator?
>
>
>
> *From:* therightkey [mailto:therightkey-bounces at ietf.org] *On Behalf Of *Wayne
> Thayer
> *Sent:* Tuesday, February 04, 2014 7:33 PM
> *To:* Ryan Sleevi
> *Cc:* therightkey at ietf.org; Ben Laurie;
> certificate-transparency at googlegroups.com; CABFPub
> *Subject:* Re: [therightkey] [cabfpub] Updated Certificate Transparency +
> Extended Validation plan
>
>
>
>
>
> Hi Wayne,
>
>
>
> Considering we already do not indicate EV on Android, nor have we ever, I
> don't think this perceived loss of functionality is as significant as you
> may believe.
>
>
>
> Further, considering the very real and distinct performance
> characteristics of mobile (radio warmups, RTTs, initcwnds), the idea of
> fetching OCSP, or, worse, CRLs - especially when some CAs have CRLs that
> are quite large (20+ MB) - in order to assure the EV display is...
> non-ideal. So again, the EV indicator on mobile is not as strong or as
> present as it may be on desktop platforms.
>
>
>
> In that case, what does this statement mean?
>
>
>
> Chrome for mobile platforms will cease to show EV indicators for
> certificates that are not CT qualified according to the criteria below.
>

It means that for any CAs that hope to be recognized as EV on Chrome for
mobile platforms (which include iOS), implementing CT by the dates outlined
is seen as a requirement for such treatment. We wanted to specifically call
attention to this - the whitelist is seen as a temporary measure for
Desktop, but given the unique characteristics of mobile platforms, we're
pursuing this requirement at a more aggressive pace.

While Chrome for Android - and the Chrome-based WebView, as the WebView
preceding it - do not provide special treatment for EV, any future plans
for EV indications on these platforms have incorporated the above
requirements and dates.


>
>
>
>
>
>
> -----Original Message-----
> From: therightkey [mailto:therightkey-bounces at ietf.org] On Behalf Of Ben
> Laurie
> Sent: Tuesday, February 04, 2014 10:08 AM
> To: CABFPub; certificate-transparency at googlegroups.com;
> therightkey at ietf.org
>
> Subject: [therightkey] Updated Certificate Transparency + Extended
> Validation plan
>
> Enclosed, our revised plan.
>
> Comments welcome.
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140204/e274a289/attachment-0003.html>


More information about the Public mailing list