[cabfpub] [Ext] Re: List of which CAs use which methods from Section 188.8.131.52?
tim.hollebeek at digicert.com
Fri Jul 13 05:07:32 MST 2018
Also, in response to "any good estimates", just so relying parties have more
public information on this important issue, I can mention that Method 1 is
(in our case, was) absurdly common; far more common than most people think.
The rest is pretty evenly scattered across the methods you would expect
(DNS, email, phone).
> -----Original Message-----
> From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Paul
> Hoffman via Public
> Sent: Thursday, July 12, 2018 1:13 PM
> To: CA/Browser Forum Public Discussion List <public at cabforum.org>
> Subject: Re: [cabfpub] [Ext] Re: List of which CAs use which methods from
> Section 184.108.40.206?
> On Jul 12, 2018, at 12:51 PM, Wayne Thayer <wthayer at mozilla.com> wrote:
> > Paul- can explain your use case for this information? That might help us
> determine if the proposal is worth pursuing.
> There are communities who use certificates who trust some BR-allowed
> methods more than others. Some of the methods are more prone to BGP
> rerouting than others, for example.
> At this point, I don't have any good estimates for them to indicate how
> CAs use which method, much less how many certificates in common use are
> likely to use particular methods. As Ryan pointed out, transparency here
> pretty low. That affects users' trust of CAs in general, and it would be
grand if I
> could say "here's what the relying parties know about the certificates in
> --Paul Hoffman
> Public mailing list
> Public at cabforum.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4940 bytes
Desc: not available
More information about the Public