Document Certificate Transparency for Embedders |
|||
Issue descriptionAs Chrome continues with its Certificate Transparency deployment, based on the open-source implementation of the policies in https://www.chromium.org/Home/chromium-security/certificate-transparency , other embedders may want or need to explore support for Certificate Transparency in their Chromium-based products. Thus, //net/docs should provide better guidance as to how to acceptably determine a Certificate Transparency policy in a way that minimizes ecosystem risks while also minimizing security risks.
,
Mar 14 2017
I think the documentation needs to extend beyond those points. That describes a lot of the 'how' - and yes, that sounds correct - but in particular, I think the documentation and guidance also needs to discuss the 'why' - for both now and future releases - and the tradeoffs that products and consumers should be aware of when deciding these. That's far more pressing than the how. I'll take a stab at an initial write-up this week for the why, and then we can expand with the how - does that sound good?
,
Mar 16 2017
SGTM.
,
Mar 17 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/1b256461b832243250d8139c2a0e15e7fd5336ec commit 1b256461b832243250d8139c2a0e15e7fd5336ec Author: rsleevi <rsleevi@chromium.org> Date: Fri Mar 17 14:49:19 2017 Add documentation for Certificate Transparency in //net BUG= 700973 Review-Url: https://codereview.chromium.org/2756633002 Cr-Commit-Position: refs/heads/master@{#457766} [add] https://crrev.com/1b256461b832243250d8139c2a0e15e7fd5336ec/net/docs/certificate-transparency.md
,
Mar 17 2017
,
Mar 17 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a8b24819979eaf3727465ecdbf89e462cf98f817 commit a8b24819979eaf3727465ecdbf89e462cf98f817 Author: rsleevi <rsleevi@chromium.org> Date: Fri Mar 17 15:14:32 2017 Update Certificate Transparency documentation for Gitiles Absolutify the links, per https://gerrit.googlesource.com/gitiles/+/HEAD/Documentation/markdown.md documenting support, fix a mailto link (which auto-linking broke), and fix a '/` typo BUG= 700973 TBR=eranm@chromium.org Review-Url: https://codereview.chromium.org/2758763002 Cr-Commit-Position: refs/heads/master@{#457770} [modify] https://crrev.com/a8b24819979eaf3727465ecdbf89e462cf98f817/net/docs/certificate-transparency.md |
|||
►
Sign in to add a comment |
|||
Comment 1 by eranm@chromium.org
, Mar 14 2017