[cabfpub] CA-Browser Forum conference call on January 7th - misissued certificates

Ryan Sleevi sleevi at google.com
Fri Jan 8 18:00:15 UTC 2016

On Fri, Jan 8, 2016 at 4:26 AM, Sigbjørn Vik <sigbjorn at opera.com> wrote:

> There were some concerns at yesterday's meeting that this ballot would
> make the CA/B Forum into a publisher of information, not just a
> standards organization. An alternative to ensuring public notification
> through a CA/B Forum operated mailing list, would be that CAs put a link
> in their CPS to where they will publish such information.
> The downside is that there would then be no central offical list, but
> the information will still get out there. There might also be
> organizations which want to collect and publish a complete set from all
> CAs.
> I hope this will allay concerns about the CA/B Forum being involved in
> the publications themselves.

This mostly seems like a way for CAs to avoid transparency; based on the
current practices with respect to disclosing intermediates, it's clear that
a number of CAs are having trouble following root program requirements with
respect to disclosure and documentation.

I find it interesting that the CA/Browser Forum would have an entire
workgroup dedicated to information sharing, but then be opposed to sharing
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160108/32472b68/attachment-0003.html>

More information about the Public mailing list