Hello all, Following my mention on today's call, let me link to the page about certificate transparency <http://www.certificate-transparency.org/>, which is now the experimental RFC 6962 <http://tools.ietf.org/html/rfc6962>. Quoting from the RFC: This document describes an experimental protocol for publicly logging the existence of Transport Layer Security (TLS) certificates as they are issued or observed, in a manner that allows anyone to audit certificate authority (CA) activity and notice the issuance of suspect certificates as well as to audit the certificate logs themselves. The intent is that eventually clients would refuse to honor certificates that do not appear in a log, effectively forcing CAs to add all issued certificates to the logs. - Scott ============================================================== *Scott Shorter, Principal Security Engineer* Electrosoft *–* Fueling Customer Success Through Outstanding Value and Trust! *Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 * 1893 Metro Center Drive; Ste 228; Reston, VA 20190 (703) 437-9451 x21 (office); (240) 994-7793 (cell) sshorter@electrosoft-inc.com (Email); http://www.electrosoft-inc.com (Web) ==============================================================
participants (1)
-
Scott Shorter