- From: Noah Mendelsohn <nrm@arcanedomain.com>
- Date: Thu, 24 May 2012 14:35:46 -0400
- To: "www-tag@w3.org" <www-tag@w3.org>
- CC: Thomas Roessler <tlr@w3.org>
Possibly pertinent to TAG ACTION-710 [1] and to the TAG's overall interest in the integrity of the Certificate Authority system. See TACK (article at [2], IETF draft at [3]), a proposal for improving the integrity of the CA system. The abstract of the draft is: "Abstract This document defines TACK, a TLS Extension that enables a TLS server to assert the authenticity of its public key. A TACK contains a "TACK key" which is used to sign the public key from the TLS server's certificate. Hostnames can be "pinned" to a TACK key. TLS connections to a pinned hostname require the server to present a TACK containing the pinned key and a corresponding signature over the TLS server's public key." Noah [1] http://www.w3.org/2001/tag/group/track/actions/710 [2] https://threatpost.com/en_us/blogs/cryptographers-unveil-new-way-trust-certificates-052312 [3] http://tack.io/draft.html
Received on Thursday, 24 May 2012 18:36:27 UTC