Re: [Trans] Redaction

Jeremy Rowley <jeremy.rowley@digicert.com> Mon, 12 December 2016 23:16 UTC

To: Steve Medin <Steve_Medin@symantec.com>, Matt Palmer <mpalmer@hezmatt.org>, "trans@ietf.org" <trans@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/r05obx4l-0Kz9L_JFZ2lgFvX1GQ>

The survey is ongoing and informal, targeting our enterprise clients (over
SMB). I wanted to get some data in place (even if informal) so there was
some information about the need for redaction. Although the survey is anonymous,
we allowed participants to opt-out of the privacy, which means I should have
real names to provide at the end of the survey.

The list of questions:
1) Are you concerned about the Google requirement to log each certificate
issued in a public database?
2) If yes, why are you concerned? 
3) Would having a way to redact information from certificates alleviate your
concern? 
4) If yes, which proposal would you like DigiCert to support (select all):
Hide the DNS label, Hide the subject information, issue under a technically
constrained intermediate.
5) Any additional comments?
6) Do you plan on using CAA? 

Jeremy

-----Original Message-----
From: Trans [mailto:trans-bounces@ietf.org] On Behalf Of Steve Medin
Sent: Monday, December 12, 2016 4:03 PM
To: Matt Palmer <mpalmer@hezmatt.org>; trans@ietf.org
Subject: Re: [Trans] Redaction

Yea, I'm stunned that 50% of respondents can operate in the strait jacket of
TCSC, although I can see that working for Plex's customer IP address privacy
concern.

> -----Original Message-----
> From: Trans [mailto:trans-bounces@ietf.org] On Behalf Of Matt Palmer
> Sent: Monday, December 12, 2016 5:22 PM
> To: trans@ietf.org
> Subject: Re: [Trans] Redaction
> 
> On Mon, Dec 12, 2016 at 05:30:20PM +0000, Jeremy Rowley wrote:
> > We've been conducting short surveys of key customers to find out 
> > whether redaction is of interest to server operators, what form of 
> > redaction they'd like most, and why they are concerned about 
> > redaction. Here are the results so far:
> 
> Can you share the sample size, respondent size, survey methodology,
> and (anonymised, if necessary) raw result data?  Summaries of response
> data are far less enlightening than the actual responses data points.
> 
> - Matt