[cabfpub] Updated Certificate Transparency + ExtendedValidationplan

Eddy Nigg eddy_nigg at startcom.org
Fri Mar 6 20:05:15 UTC 2015


On 03/06/2015 05:46 PM, Rob Stradling wrote:
> (*) Unless the certificate holder's TLS server supports the RFC6962 
> signed_certificate_timestamp TLS extension or OCSP Stapling (and the 
> CA embeds SCTs into OCSP Responses).  Both of these possibilities are 
> likely to be rare at the moment.

The latter two are the options we are most interested in - but actually 
I'm not sure if including CT with OCSP is ready for showtime and honored 
by Chrome....who knows more about it?

-- 
Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150306/1812c06f/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150306/1812c06f/attachment-0001.p7s>


More information about the Public mailing list