[cabfpub] [Ext] Re: List of which CAs use which methods from Section 3.2.2.4?

Tim Hollebeek tim.hollebeek at digicert.com
Fri Jul 13 11:48:57 UTC 2018


We're seriously considering implementing this proposal well in advance of
whatever deadline is set.

We think transparency in this area is important for some of the exact same
reasons Paul describes.

-Tim

> -----Original Message-----
> From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Paul
> Hoffman via Public
> Sent: Thursday, July 12, 2018 1:13 PM
> To: CA/Browser Forum Public Discussion List <public at cabforum.org>
> Subject: Re: [cabfpub] [Ext] Re: List of which CAs use which methods from
> Section 3.2.2.4?
> 
> On Jul 12, 2018, at 12:51 PM, Wayne Thayer <wthayer at mozilla.com> wrote:
> > Paul- can explain your use case for this information? That might help us
> determine if the proposal is worth pursuing.
> 
> There are communities who use certificates who trust some BR-allowed
> methods more than others. Some of the methods are more prone to BGP
> rerouting than others, for example.
> 
> At this point, I don't have any good estimates for them to indicate how
many
> CAs use which method, much less how many certificates in common use are
> likely to use particular methods. As Ryan pointed out, transparency here
is
> pretty low. That affects users' trust of CAs in general, and it would be
grand if I
> could say "here's what the relying parties know about the certificates in
use".
> 
> --Paul Hoffman
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://clicktime.symantec.com/a/1/1kVJSPrvPO1NCgx0TAV0VA7VwN2tHYzrrg
> ZPFB7WGRk=?d=96uoE8KZaLGQTDiYffuzulg9lgr5FtS5CUtwYRiZ-
> hiVoILZRr9Zv_CpIaGbzyTUterSqsHJwA-o5L-dE-MLjHl6aqJ5G5n-cjbkA_nWYKsl-
> 9bgJX3ZHnFvWIRARmLSdQSlvCHw5OlLs9CLcUoGG_hqUFzSTcdA_kTzRtt8VqAO
> q8fTSjwkDlBzwFHjKoIaUAZX6LZiJ3IOdgA4zWy3C3fTeV3oNRHddgupQ3VnzAam
> ELWcZ4BosSjIzYl6XKVSrwrHPSsnPwsd2EwVooGfv3ETn54xgRdqV14vGX7SthjcF
> CYRK_R76kq3vbuZ9d6ktyOH-
> 2dRHcpEKbDZDEDgJAechi5ZQYLgbNNF98FHBX6bIAHLs4u73Treoc0p3np8aTnpY
> _bh1H8cvxvLavOYrFnzpEW-
> tn8ZwOo5OOkBbGlr3UirdpvdBMkPNTiL7YhxnA%3D%3D&u=https%3A%2F%2F
> cabforum.org%2Fmailman%2Flistinfo%2Fpublic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180713/49b1c8ac/attachment-0003.p7s>


More information about the Public mailing list