[Trans] Redaction

Jeremy Rowley <jeremy.rowley@digicert.com> Mon, 12 December 2016 17:30 UTC

Return-Path: <jeremy.rowley@digicert.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1719129D85 for <trans@ietfa.amsl.com>; Mon, 12 Dec 2016 09:30:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.896, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s46ercHfooEz for <trans@ietfa.amsl.com>; Mon, 12 Dec 2016 09:30:22 -0800 (PST)
Received: from mail.digicert.com (mail.digicert.com [64.78.193.232]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68161129D70 for <trans@ietf.org>; Mon, 12 Dec 2016 09:30:22 -0800 (PST)
From: Jeremy Rowley <jeremy.rowley@digicert.com>
Authentication-Results: mail.digicert.com; dkim=permerror (bad message/signature format)
To: "trans@ietf.org" <trans@ietf.org>
Thread-Topic: Redaction
Thread-Index: AdJUlksjv9TRzUd9SniOmObi+d+60Q==
Date: Mon, 12 Dec 2016 17:30:20 +0000
Message-ID: <6268e70318aa4ba2acf869829fcb62c3@EX2.corp.digicert.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [67.137.52.7]
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0137_01D25462.BCA9D2A0"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/rRcGuVqfUdnVorRavxbugQFDKO8>
Subject: [Trans] Redaction
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Dec 2016 17:30:24 -0000

We've been conducting short surveys of key customers to find out whether
redaction is of interest to server operators, what form of redaction they'd
like most, and why they are concerned about redaction. Here are the results
so far:

 

About 70% of customers surveyed were concerned about logging all server
certs into a CT log, primarily because of privacy concerns (100% of
respondents). Security concerns were lower (20%).  Offering redaction
satisfied 100% of the respondents concerns.  100% of the concerned
respondents wanted to support redaction of the left most label in the DNS.
50% wanted to support redaction of all subject information.  50% thought a
technically constrained intermediate would work.  The 50% who wanted to
support redaction of the subject information were not the same as the
technically constrained intermediate proponents. 

 

Jeremy