Hi ct-policy@,
Chrome is looking to better understand active use-cases of SCTs delivered via OCSP Stapling and/or TLS extension (i.e. not embedded in the certificate).
Though these mechanisms are included in RFC 6962, current use is extremely low. Supporting them contributes significant complexity to Chrome's certificate validation pipeline and CT processes.
If your, or your clients', processes necessitate the use of these mechanisms, we'd like to learn more! Replies to this post on-thread are great, but if you'd prefer, you can also reply to me directly.
Thanks,
Joe
Hi all,Based on the response so far, we'll be investigating removing support for one or both of these SCT delivery mechanisms in Chrome.This may be your last opportunity to influence our decision -- please reach out on thread or privately if you or your customers can't easily migrate to using SCTs embedded in the certificate, or if you think maintaining these delivery mechanisms are essential for other reasons.Thanks!Joe
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/CAKMqHLgDihdsJEcaCZURDEzTYqmxvrVNuBbxXs5bSpAkNwiEHw%40mail.gmail.com.
--
You received this message because you are subscribed to the Google Groups "Certificate Transparency Policy" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ct-policy+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/ct-policy/CAFZs0S79VG2gNtEunzPsZY8UXxV_q8Xz%3D5H%3DHTV5G7NtseJ21A%40mail.gmail.com.
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/CAKMqHLgDihdsJEcaCZURDEzTYqmxvrVNuBbxXs5bSpAkNwiEHw%40mail.gmail.com.