On Thu, May 23, 2024 at 12:42 PM David Benjamin <david...@chromium.org> wrote:

<snip>

> Of course, whether this property (whether servers can usefully pre-deploy
> not-yet-added trust anchors), which trust expressions does not have, even
> matters boils down to whether a root program would misinterpret availability
> in servers as a sign of CA trustworthiness, when those two are clearly
> unrelated to each other. Ultimately, the trustworthiness of CAs is a
> subjective social question: do we believe this CA has *and will continue* to
> only sign true things? We can build measures to retroactively catch issues
> like Certificate Transparency, but the key question is fundamentally
> forward-looking. The role of a root program is to make judgement calls on
> this question. A root program that so misunderstands its role in this system
> that it conflates these two isn't going to handle its other load-bearing
> responsibilities either.
As the old saw goes, "past performance is no guarantee of future results, but it sure helps". Moreover, root programs have to balance the benefits of including a CA against the costs. One of those benefits is the number of sites that use it.

Sincerely,
Watson

> David
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-le...@ietf.org

--
Astra mortemque praestare gradatim