[cabfpub] CT discussion at CABF

Moudrick M. Dadashov md at ssc.lt
Fri Feb 21 16:04:33 UTC 2014

Hi Eddy,

According to Ryan CT should work without precerts (precerts are preferred but ocsp responses should be sufficient), however I haven't looked to this option closely yet.


Sent from Samsung Mobile

-------- Original message --------
From: "Eddy Nigg (StartCom Ltd.)" <eddy_nigg at startcom.org> 
Date: 21/02/2014  01:35  (GMT-08:00) 
To: Ryan Sleevi <sleevi at google.com> 
Cc: Dean Coclin <Dean_Coclin at symantec.com>,Rick Andrews <Rick_Andrews at symantec.com>,public at cabforum.org 
Subject: Re: [cabfpub] CT discussion at CABF 

On 02/21/2014 05:46 AM, From Ryan Sleevi:
I want to avoid that situation, because it's clear you're unhappy, but it's inevitable without more constructive feedback.

-          Don’t rush into this, because we’re likely to make mistakes if we have to rush. Not just the CAs; there are a lot of moving parts here. I heard someone say “you can’t make fundamental changes to a complex trust system very quickly”.

While I can appreciate a sentiment of "Don't rush",               this is a very vague sentiment that is not actionably concrete. What, for example, constitutes a rush?

For me it's when CT can be supported without the need of pre-certificates. The time it requires to update third party software is basically the right time.

Signer: 	Eddy Nigg, COO/CTO
 	StartCom Ltd.
XMPP: 	startcom at startcom.org
Blog: 	Join the Revolution!
Twitter: 	Follow Me
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140221/fbb3649f/attachment-0003.html>

More information about the Public mailing list