[cabfpub] CA-Browser Forum conference call on January 7th - misissued certificates
Ryan Sleevi
sleevi at google.com
Fri Jan 8 11:00:15 MST 2016
On Fri, Jan 8, 2016 at 4:26 AM, Sigbjørn Vik <sigbjorn at opera.com> wrote:
> There were some concerns at yesterday's meeting that this ballot would
> make the CA/B Forum into a publisher of information, not just a
> standards organization. An alternative to ensuring public notification
> through a CA/B Forum operated mailing list, would be that CAs put a link
> in their CPS to where they will publish such information.
>
> The downside is that there would then be no central offical list, but
> the information will still get out there. There might also be
> organizations which want to collect and publish a complete set from all
> CAs.
>
> I hope this will allay concerns about the CA/B Forum being involved in
> the publications themselves.
>
This mostly seems like a way for CAs to avoid transparency; based on the
current practices with respect to disclosing intermediates, it's clear that
a number of CAs are having trouble following root program requirements with
respect to disclosure and documentation.
I find it interesting that the CA/Browser Forum would have an entire
workgroup dedicated to information sharing, but then be opposed to sharing
information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160108/32472b68/attachment.html
More information about the Public
mailing list