[cabfpub] Question on CT: Monitoring

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Mon Jan 6 10:56:09 UTC 2014

On 01/06/2014 12:17 PM, From Rob Stradling:
> Are you saying that you require a certain proportion of your 
> subscribers to use 4096-bit keys?

No, not yet - but we require minimum 2K keys....

> The cut-off date for <2048-bit keys was a few days ago.  May 2013 was 
> before the deadline, not after.

...since 2008!

>> And I can give you a couple of more such examples if you want, 
>> setting the
>> bar clearly higher.
> Please do.

No internal host names and IP addresses.
No long living certificates.
Validation requirement for certain purposes (as in code signing).
And more...

> I don't want you to speak for Google either.  I only asked you to 
> speak for yourself.  ;-)

That's what I do - CT is Google's project and if they have to say 
something they'll probably do that without hesitation :-)

Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140106/def1e9d2/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140106/def1e9d2/attachment-0001.p7s>

More information about the Public mailing list