@ivanristic @johnwilander @feldpos chose, past tense. It's pretty hard to change the entrenched system, though we're trying
-
-
Replying to @dveditz
@dveditz@johnwilander @feldpos Is there a whitepaper or roadmap that outlines your plans in this space?2 replies 0 retweets 0 likes -
Replying to @ivanristic
@ivanristic@dveditz Our policy change to require name constraints or audit+disclosure has silently improved things for CAs that comply.2 replies 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@dveditz I meant a roadmap for things such as HSTS, PKP, Tack, UI issues, CT, Convergence, etc. And, other, new ideas!3 replies 0 retweets 1 like -
Replying to @ivanristic
@ivanristic@BRIAN_____ we support HSTS w/a pre-load list, working on PKP.1 reply 0 retweets 0 likes -
Replying to @dveditz
@dveditz@BRIAN_____ And how do I get on that list, for example?2 replies 0 retweets 0 likes -
Replying to @ivanristic
@ivanristic Right now: use HSTS w/ max-age of 18 weeks or more and get on Google's HSTS preload list. Then you will show up on our list.1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____ Do you need help crawling for HSTS information to preload?2 replies 0 retweets 0 likes -
Replying to @ivanristic
@ivanristic In fact, we already have most of the crawler done. The part that is missing is the list of (hostnames, ports) that support TLS.1 reply 0 retweets 0 likes -
@ivanristic That is the only thing needed. We're already using automation for our preload list given such a list (Google's, currently).
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.