Eddy Nigg (StartCom Ltd.) wrote: > But back to our issue, if a compromised server issues a certificate from > within the name constraint and uses it to attack another user (by > claiming to send mail from [EMAIL PROTECTED] or setting up a fake > site for https://really.allowed-domain.com), this would be the classical > MITM vector SSL is meant to prevent. Hence it doesn't matter really if > there is or isn't a name constraint, just the range of possible attacks > is limited.
As I understand it, if a Blackbox customer loses control of their private key, the only person who has a problem is that customer (their websites and email can be spoofed). So it's in their best interests to keep it secure, and I'm sure WISeKey will make that clear to them. The point is that their security destiny is in their own hands. This is not like a root CA key compromise, where even people who aren't customers of that CA can be affected. > CAs which issue sub CAs without taking responsible actions to control, > verify and guide them, are suspected to being compromised right from the > beginning. Without insisting on this, we can just stop reviewing CAs > altogether and save us the hassle... There's a difference between "sub-CAs" (where your point is valid) and "sub-CAs with name constraints" (where I suggest that it is not). Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
