[SSL Observatory] on CA pinning

ArkanoiD ark at eltex.net
Tue Sep 13 07:13:37 PDT 2011


Nope, I was looking for much older proposal.. It was years old and not very
practical IIRC.

On Tue, Sep 13, 2011 at 09:57:01AM -0400, Daniel Kahn Gillmor wrote:
> On 09/13/2011 09:50 AM, ArkanoiD wrote:
> > IIRC there was a (ietf draft? rfc? whitepaper?) on limiting CA trust domains,
> > email-centric (may be even x.400-centric), but I cannot find it now!
> > 
> > Does anyone remember what exactly it was?
> 
> To be clear, it's Certificate Pinning, not necessarily CA pinning.
> 
> It's being discussed currently on the IETF's websec list, starting here:
> 
>  https://www.ietf.org/mail-archive/web/websec/current/msg00505.html
> 
> hth,
> 
> 	--dkg
> 
> 
> email protected and scanned by AdvascanTM - keeping email useful - www.advascan.com 
> 
> 





More information about the Observatory mailing list