On Thursday, 19 January 2017 20:20:24 UTC, Jakob Bohm wrote: > Google's CT initiative in its current form has serious privacy problems > for genuine certificate holders. I applaud any well-run CA that stands > up to this attack on the Internet at large.
I notice that you have not specifically identified which Certificate Authorities you believe are "well-run", perhaps your argument would have more force if you could name some market leaders in that category. As a Relying Party for the Web PKI I think Google's initiative makes a sensible trade off, you can't have privacy while also delivering oversight. The public CAs are clearly in need of oversight. This did not happen in a vacuum but as a consequence of trusted Certificate Authorities exhibiting incompetence and greed over many years. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy