On 7/7/15 12:36 PM, Jeremy Rowley wrote: > This paper sounds like a wish list of select issues taken from the > Mozilla forums. I don't see why it would be published as > informational RFC? Is the goal to make a list of issues that > community members feel need to be discussed? I don't get it.
In general, I'd look at a 00 draft published against the deadline for a particular meeting as the opening salvo in a conversation someone wants to have, in this case somewhere at ietf 93. I have this somewhere in my queue along with some fraction of the other thousand or so drafts submitted against the monday cutoff. > The conclusions seem to be 1) Have a CAB Forum that is more > transparent (which is out of scope of the IEFT - I'm not sure I've > ever seen an IETF paper specifically call out to another industry > body requesting a change in its membership?) and 2) Use Let's Encrypt > - one specific member of the CA community. Many CAs already offer > free tools to automate issuance, making the call out to Let's Encrypt > very odd in an IETF document, especially where the touted feature - > new automated tools - already exist > (https://www.digicert.com/express-install/). I have a similar > complaint about the reference to acme where PHB has been proposing > something similar for a LONG time > (https://tools.ietf.org/html/draft-hallambaker-omnibroker-06). > > I'm also not sure why you selected the specific issues for inclusion > in the paper. For example, the paper doesn't mention inconsistencies > in validation levels, which (imo) is a bigger issue than the "too big > to fail" scenario. Cost also is a weird issue to include in the > document since it's always relative. It's also very difficult to > discuss without running afoul of anti-trust laws. > > Jeremy > > -----Original Message----- From: wpkops > [mailto:wpkops-boun...@ietf.org] On Behalf Of Russ Housley Sent: > Tuesday, July 7, 2015 8:57 AM To: wpkops@ietf.org Subject: [wpkops] > draft-housley-web-pki-problems-00 > > I want to make people on this list aware of this draft that was > posted yesterday. > > Stephen Farrell suggested that this list might be a good place to > discuss it. > > Russ > > _______________________________________________ wpkops mailing list > wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops > > _______________________________________________ wpkops mailing list > wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ wpkops mailing list wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops