Re: [Trans] defining "mis-issuance"

Peter Bowen <pzbowen@gmail.com> Wed, 01 October 2014 15:45 UTC

In-Reply-To: <542C1EA6.8050106@comodo.com>
References: <542477E3.8070304@bbn.com> <544B0DD62A64C1448B2DA253C011414607D1628D70@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <542971A7.7030700@bbn.com> <544B0DD62A64C1448B2DA253C011414607D174DEB1@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <542C1846.7060303@bbn.com> <542C1EA6.8050106@comodo.com>
Date: Wed, 1 Oct 2014 08:45:46 -0700
Message-ID: <CAK6vND8N-31J1yzgAh8M-YmcgCkOkANWLCF1yiZNbEPHv8i2Hw@mail.gmail.com>
From: Peter Bowen <pzbowen@gmail.com>
To: Rob Stradling <rob.stradling@comodo.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/G-RW77b0LEp13SfKsGA0PkjYeK4
Cc: "trans@ietf.org" <trans@ietf.org>, Stephen Kent <kent@bbn.com>
Subject: Re: [Trans] defining "mis-issuance"
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>

On Wed, Oct 1, 2014 at 8:32 AM, Rob Stradling <rob.stradling@comodo.com> wrote:
> The "ability to provide immediate feedback to CAs that are issuing
> syntactically malformed certs" sounds like a nice idea, but surely this
> could be implemented as a stand-alone application or web service?
> Why would you want it to be an intrinsic part of CT?

This feels like an interesting feature for CT log hosts.  An
additional API that allows subscribing to the "firehose" of all log
entries as they happen.  I wonder how many certificates per second
Comodo is issuing these days with the CloudFlare announcement...