The IESG has received a request from an individual submitter to consider the following document: - 'Certificate Transparency' <draft-laurie-pki-sunlight-07.txt> as Experimental RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-02-26. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. As a result of comments received in the first last call and based on additional coding, the authors are now proposing to define a new TLS extension (see section 3.3.1) which requires IETF review. So this is a second IETF last call primarily intended to ensure that that change gets the appropriate review. Abstract This document describes an experimental protocol for publicly logging the existence of TLS certificates as they are issued or observed, in a manner that allows anyone to audit certificate authority activity and notice the issuance of suspect certificates, as well as to audit the certificate logs themselves. The intent is that eventually clients would refuse to honor certificates which do not appear in a log, effectively forcing CAs to add all issued certificates to the logs. Logs are network services which implement the protocol operations for submissions and queries that are defined in this document. The file can be obtained via http://datatracker.ietf.org/doc/draft-laurie-pki-sunlight/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-laurie-pki-sunlight/ballot/ No IPR declarations have been submitted directly on this I-D.
