@feldpos @ivanristic But that's the PKI, right?
@ivanristic @dveditz Our policy change to require name constraints or audit+disclosure has silently improved things for CAs that comply.
-
-
@BRIAN_____@dveditz I meant a roadmap for things such as HSTS, PKP, Tack, UI issues, CT, Convergence, etc. And, other, new ideas! -
@ivanristic@BRIAN_____ we support HSTS w/a pre-load list, working on PKP. -
@dveditz@BRIAN_____ And how do I get on that list, for example? -
@ivanristic Right now: use HSTS w/ max-age of 18 weeks or more and get on Google's HSTS preload list. Then you will show up on our list. -
@BRIAN_____ Do you need help crawling for HSTS information to preload? -
@ivanristic In fact, we already have most of the crawler done. The part that is missing is the list of (hostnames, ports) that support TLS. -
@BRIAN_____ I can give you that, too. -
@ivanristic That is the only thing needed. We're already using automation for our preload list given such a list (Google's, currently).
End of conversation
New conversation -
-
-
@BRIAN_____@dveditz I welcome your efforts with the root programme, but that’s not what I was asking about.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.