[cabfpub] Slides from F2F
pzb at amzn.com
Sun Oct 23 14:19:07 MST 2016
One thing I forgot to put in the Privacy and Transparency slides is that the association of a domain with a CA might be sensitive. Jody gave the example of a new product launch. For organizations with publicly trusted subordinate Enterprise CAs, even certificates with no subject information can give away details. Consider if Contoso Corp operates Contoso Internet Authority which only issues certificates for Contoso systems. If they issue for fabrikam.com, then this could be notable in and of itself, as it may indicate Contoso is acquiring Fabrikam.
> On Oct 22, 2016, at 8:51 AM, Peter Bowen via Public <public at cabforum.org> wrote:
> It was great meeting everyone in person this week.
> Here are the slides for the four sessions I led this week.
> <Beyond FIPS.pdf><NCSSR-slides.pdf><SubCA-slides.pdf><Transparency-Privacy-slides.pdf>_______________________________________________
> Public mailing list
> Public at cabforum.org
More information about the Public