Re: [therightkey] Updated Certificate Transparency + Extended Validation plan
Ben Laurie <benl@google.com> Sat, 08 February 2014 13:13 UTC
Return-Path: <benl@google.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D1271A02CC for <therightkey@ietfa.amsl.com>; Sat, 8 Feb 2014 05:13:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.027
X-Spam-Level:
X-Spam-Status: No, score=-0.027 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RHytc5cPLskK for <therightkey@ietfa.amsl.com>; Sat, 8 Feb 2014 05:13:50 -0800 (PST)
Received: from mail-vb0-x233.google.com (mail-vb0-x233.google.com [IPv6:2607:f8b0:400c:c02::233]) by ietfa.amsl.com (Postfix) with ESMTP id D22371A02C3 for <therightkey@ietf.org>; Sat, 8 Feb 2014 05:13:49 -0800 (PST)
Received: by mail-vb0-f51.google.com with SMTP id 11so3433695vbe.24 for <therightkey@ietf.org>; Sat, 08 Feb 2014 05:13:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Jf/ZZzGhPkdOdY03sMr+dO4mVSEABz45LEbcwWnUFkk=; b=EXcXpBk944M1+oDUBKGyyCXu7YBEqPRfiFW/a1L0YIScHGzSNrOpcF9CtcTkfbUe+m hhgL4zR3b6Mh1hHM0pVdkRJy1/E+M9tfBbzpwVvzVOObcA7+8nZz2i4JSy40F8lgt7ZF gVevffQiOFOWzlOd8sq07cJa/0E2ZppzTNhgekK8J1puA7g/7RgGUaAiuBTcV3QB7S7Z aBzOAeDi8z0rMzWXjqWM0q+LxbDgkeMbFOv1BDBA2A2YfSkC3W1lbR2SpFFVU1PY0NUm eKZbs8l1DUUVTRz4u7BN6FSRdrgPbmBUO7kxBBGMOh8BQdPX1d+8KRfVt1lOeQFFQ8PM ai4g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=Jf/ZZzGhPkdOdY03sMr+dO4mVSEABz45LEbcwWnUFkk=; b=AqPGgqV0S5Z53doXRcWV+2tKEc8Tpw0L4M8q4HEiNbgWvTsk1B1zGBKObL8Uon3CkV wlTAlr7vRdczMsvme5TtzF7Z7KPGvUM2DacOmlgWJ4IWGAfOVtxRUK5iZzR6CIHhEjqv E0XHm5dACgJCWC3klCyKjEZb2RJURBSsPOru8W2z2ClwTUm6OeoyMFIdzqW7hpOa6RvO +DwXjJ7IyjkUpPc/d4gPU5a1ly72Emh1oNtUfT+/eYcO5pdrZK3YiGBO20QmzoahfbYF Ba/Od2D6OWMQsddRbhxZLuwF0uMjWfbWTaU5SOyQCsbQuBobVZ6xWEmtwQdrY82u4Bog flwg==
X-Gm-Message-State: ALoCoQljAasUEvGRUqBH8cehowqwYgB/ZFCp5fvgE/9PPqKBhX8Zg3iVppWWDOUtsISKOBNKjpDvbqgKBgUD1tiAjM4sWEosWzXHOe/Xiijc2B93mzqbHUAraiLb8kQTVwmIVo6q2sJ7TZYpZXk8ODHBJa0kfayiQaEON7pv60VhE7/n2qIL1cZeZTaqsbIR7VmVFHUw11IN
MIME-Version: 1.0
X-Received: by 10.52.163.65 with SMTP id yg1mr12685297vdb.14.1391865230231; Sat, 08 Feb 2014 05:13:50 -0800 (PST)
Received: by 10.52.230.105 with HTTP; Sat, 8 Feb 2014 05:13:50 -0800 (PST)
In-Reply-To: <52F25835.60702@comodo.com>
References: <CABrd9STwBDxwB1vtmS9Ozb5e_7D=zfOqkOBeAaT2HG7X-cw5gw@mail.gmail.com> <52F25835.60702@comodo.com>
Date: Sat, 08 Feb 2014 13:13:50 +0000
Message-ID: <CABrd9SQwaj_-JJFvev_Gd36MfJ=iZ=uZn472Dtf+_yotaqC0RQ@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Rob Stradling <rob.stradling@comodo.com>
Content-Type: text/plain; charset="UTF-8"
Cc: "therightkey@ietf.org" <therightkey@ietf.org>, "certificate-transparency@googlegroups.com" <certificate-transparency@googlegroups.com>, CABFPub <public@cabforum.org>
Subject: Re: [therightkey] Updated Certificate Transparency + Extended Validation plan
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Feb 2014 13:13:51 -0000
On 5 February 2014 15:26, Rob Stradling <rob.stradling@comodo.com> wrote: > On 04/02/14 17:08, Ben Laurie wrote: >> >> Enclosed, our revised plan. >> >> Comments welcome. > > > Ben, > > Table 1 and Footnote 4 seem a bit confused, wrongly implying that 39-month > EV certs do exist and/or that >39-month non-EV certs don't exist. > >>27 month EV SSL certificates shouldn't exist, as per the EV Guidelines. > >>60 month non-EV SSL certificates shouldn't have been issued by any CA since >> the BRs came into effect. > >>39 month non-EV SSL certificates shouldn't be issued from 1st April 2015, >> as per the BRs. Yes, I will release a slightly updated version clarifying this (and other points) a bit more. > Also, what happened to the idea of only requiring 1 SCT for a 1-month cert? > > > -- > Rob Stradling > Senior Research & Development Scientist > COMODO - Creating Trust Online
- [therightkey] Updated Certificate Transparency + … Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- Re: [therightkey] [cabfpub] Updated Certificate T… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- Re: [therightkey] Updated Certificate Transparenc… Wayne Thayer
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- Re: [therightkey] [cabfpub] Updated Certificate T… Wayne Thayer
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- Re: [therightkey] [cabfpub] Updated Certificate T… Wayne Thayer
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- Re: [therightkey] [cabfpub] Updated Certificate T… Wayne Thayer
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- [therightkey] Thoughts on reducing SCT sizes (was… Rob Stradling
- Re: [therightkey] Updated Certificate Transparenc… Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… Rob Stradling
- Re: [therightkey] EXTERNAL: Re: [cabfpub] Updated… Mehner, Carl
- Re: [therightkey] Updated Certificate Transparenc… Rob Stradling
- Re: [therightkey] Updated Certificate Transparenc… Adam Langley
- Re: [therightkey] [cabfpub] Thoughts on reducing … Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Jeremy Rowley
- Re: [therightkey] [cabfpub] Updated Certificate T… Carl Wallace
- Re: [therightkey] Updated Certificate Transparenc… Paul Hoffman
- Re: [therightkey] Updated Certificate Transparenc… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Rob Stradling
- Re: [therightkey] Updated Certificate Transparenc… Paul Hoffman
- Re: [therightkey] Updated Certificate Transparenc… Rob Stradling
- Re: [therightkey] [cabfpub] Updated Certificate T… Rob Stradling
- Re: [therightkey] Updated Certificate Transparenc… Rick Andrews
- Re: [therightkey] Updated Certificate Transparenc… Adam Langley
- Re: [therightkey] [cabfpub] Updated Certificate T… Ryan Sleevi
- Re: [therightkey] [cabfpub] Updated Certificate T… michal.proszkiewicz
- Re: [therightkey] Updated Certificate Transparenc… Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… Ben Laurie
- Re: [therightkey] Updated Certificate Transparenc… Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… Rob Stradling
- Re: [therightkey] [cabfpub] Updated Certificate T… Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… Rob Stradling
- Re: [therightkey] Updated Certificate Transparenc… Rick Andrews
- Re: [therightkey] [cabfpub] Updated Certificate T… Chema López González
- Re: [therightkey] Updated Certificate Transparenc… Ben Laurie
- Re: [therightkey] [cabfpub] Updated Certificate T… kirk_hall@trendmicro.com
- Re: [therightkey] [cabfpub] Thoughts on reducing … Ben Laurie
- Re: [therightkey] [cabfpub] Thoughts on reducing … Tim Moses
- Re: [therightkey] [cabfpub] Thoughts on reducing … Ben Laurie
- Re: [therightkey] [cabfpub] Thoughts on reducing … Daniel Kahn Gillmor
- Re: [therightkey] [cabfpub] Thoughts on reducing … Ben Laurie
- Re: [therightkey] [cabfpub] Thoughts on reducing … Daniel Kahn Gillmor
- Re: [therightkey] [cabfpub] Updated Certificate T… Rob Stradling
- Re: [therightkey] [cabfpub] Updated Certificate T… i-barreira
- Re: [therightkey] [cabfpub] Updated Certificate T… Rob Stradling
- Re: [therightkey] [cabfpub] Updated Certificate T… Mat Caughron
- Re: [therightkey] [cabfpub] Updated Certificate T… Mat Caughron