Minutes IETF100: trans
Public Notary Transparency
dkg taking notes
rsalz jabber scribing
Question to room: are there objections in the room to Melinda and Paul
knocking out text to clear AD review for threat analysis draft?
No objections in the room.
Linus Nordberg presents about Gossip
open question about whether we should refactor it.
Not many people have read the gossip draft.
6962bis has no editors in the room.
ekr went through the revised document. the issues he found should be
resolvable relatively quickly.
Diego Lopez presents short-lived certs
first proposal seems to mix the idea about short-lived certs with
privacy-focused cert redaction.
STAR proposal has one long metacertificate which covers a range of
This appears to be the moral equivalent of OCSP-must-staple
ekr+david+rsalz say that it's unsafe to issue certs with less
than 1 day because clients' clocks are sloppy
Without this STAR "collapsed cert series" proposal, log size will
grow, increasing cost to log operators (storage + bandwidth) and log
Yoav Nir announces discussion about short-term certs Thursday evening.
Tadahiko Ito (Secom) presents Name Redaction
motivates the need for this based on IoT devices that do not need full
some discussion around whether redaction is hash-based or just
open question about whether geo-information in certificate signed by
public CA is even possible.
Symantec has issued 2 billion device certificates, to external devices.
some dispute over whether the use case described actually makes sense
-- if these are public devices, they should be on the public
infrastructure. if they're not, they can use private CAs.
Ben Schwartz: raises DoS attack on the basis of domain name
Melinda Shore suggests returning to the CAB Forum
Hum: should IETF work on name redaction? some hums for yes, silence for no.
What's going on with the Client Behavior draft? we need browser
vendors to supply a draft, but none are volunteering. Chrome CT folks
aren't present at all.
ekr says we should shut down the group if there are no active drafts.