[cabfpub] Updated Certificate Transparency + ExtendedValidationplan
Eddy Nigg
eddy_nigg at startcom.org
Fri Mar 6 13:05:15 MST 2015
On 03/06/2015 05:46 PM, Rob Stradling wrote:
> (*) Unless the certificate holder's TLS server supports the RFC6962
> signed_certificate_timestamp TLS extension or OCSP Stapling (and the
> CA embeds SCTs into OCSP Responses). Both of these possibilities are
> likely to be rare at the moment.
The latter two are the options we are most interested in - but actually
I'm not sure if including CT with OCSP is ready for showtime and honored
by Chrome....who knows more about it?
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20150306/1812c06f/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20150306/1812c06f/attachment.bin
More information about the Public
mailing list