Re: [wpkops] draft-housley-web-pki-problems-00

joel jaeggli <joelja@bogus.com> Tue, 07 July 2015 21:53 UTC

To: Jeremy Rowley <jeremy.rowley@digicert.com>, Russ Housley <housley@vigilsec.com>, "wpkops@ietf.org" <wpkops@ietf.org>
References: <28D7CC3C-E21C-4D01-8F13-F2D661D82D71@vigilsec.com> <8d66da4eb5d24bb89f8d6b934640ea61@EX2.corp.digicert.com>
From: joel jaeggli <joelja@bogus.com>
Message-ID: <559C4A67.90700@bogus.com>
Date: Tue, 07 Jul 2015 14:53:43 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/wpkops/NITxwXDsIZYGvSHsWw89iRkiWg0>

On 7/7/15 12:36 PM, Jeremy Rowley wrote:
> This paper sounds like a wish list of select issues taken from the
> Mozilla forums.  I don't see why it would be published as an
> informational RFC? Is the goal to make a list of issues that
> community members feel need to be discussed? I don't get it.

In general, I'd look at a 00 draft published against the deadline for a
particular meeting as the opening salvo in a conversation someone wants
to have, in this case somewhere at IETF 93.

I have this somewhere in my queue along with some fraction of the other
thousand or so drafts submitted against the Monday cutoff.

> The conclusions seem to be 1) Have a CAB Forum that is more
> transparent (which is out of scope of the IETF - I'm not sure I've
> ever seen an IETF paper specifically call out to another industry
> body requesting a change in its membership?) and 2) Use Let's Encrypt
> - one specific member of the CA community.  Many CAs already offer
> free tools to automate issuance, making the call out to Let's Encrypt
> very odd in an IETF document, especially where the touted feature -
> new automated tools - already exist
> (https://www.digicert.com/express-install/).  I have a similar
> complaint about the reference to acme where PHB has been proposing
> something similar for a LONG time
> (https://tools.ietf.org/html/draft-hallambaker-omnibroker-06).
> 
> I'm also not sure why you selected the specific issues for inclusion
> in the paper. For example, the paper doesn't mention inconsistencies
> in validation levels, which (imo) is a bigger issue than the "too big
> to fail" scenario. Cost also is a weird issue to include in the
> document since it's always relative.  It's also very difficult to
> discuss without running afoul of anti-trust laws.
> 
> Jeremy
> 
> -----Original Message-----
> From: wpkops [mailto:wpkops-bounces@ietf.org] On Behalf Of Russ Housley
> Sent: Tuesday, July 7, 2015 8:57 AM
> To: wpkops@ietf.org
> Subject: [wpkops] draft-housley-web-pki-problems-00
> 
> I want to make people on this list aware of this draft that was
> posted yesterday.
> 
> Stephen Farrell suggested that this list might be a good place to
> discuss it.
> 
> Russ
> 
> _______________________________________________ wpkops mailing list 
> wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops