[DG-IDoT] Certificate Transparency

Scott Shorter sshorter at electrosoft-inc.com
Fri Oct 10 11:06:33 CDT 2014


Hello all,

Following my mention on today's call, let me link to the page about certificate
transparency <http://www.certificate-transparency.org/>, which is now the
experimental RFC 6962 <http://tools.ietf.org/html/rfc6962>.  Quoting from
the RFC:

   This document describes an experimental protocol for publicly logging
   the existence of Transport Layer Security (TLS) certificates as they
   are issued or observed, in a manner that allows anyone to audit
   certificate authority (CA) activity and notice the issuance of
   suspect certificates as well as to audit the certificate logs
   themselves.  The intent is that eventually clients would refuse to
   honor certificates that do not appear in a log, effectively forcing
   CAs to add all issued certificates to the logs.


-
Scott

==============================================================
*Scott Shorter, Principal Security Engineer*
Electrosoft *–* Fueling Customer Success Through Outstanding Value and
Trust!
*Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 *
1893 Metro Center Drive; Ste 228; Reston, VA 20190
(703) 437-9451 x21 (office);   (240) 994-7793 (cell)
sshorter at electrosoft-inc.com (Email);   http://www.electrosoft-inc.com (Web)
==============================================================