Paul Hoffman wrote:
> 
> However, given that a CA cannot know whether or not a domain has been 
> compromised, a CA that tries to save the customer by revoking the 
> possibly-compromised domain's keys is overstepping its responsibility. 

Whether the CA is overstepping its responsibility is a subject of the CPS.

> The public key is still associated with the domain; it might be 
> associated with Mallory as well, but that's unknown.

A CA usually also makes provisions about the strength of keys. So if the 
keys do not comply with a required key strength anymore (which is IMHO not 
only made up by the key's bit-length) then the CA should revoke the 
accompanying cert.

> The keys are not "broken", they are "trivial to break if an attacker 
> wants to". That's an important difference, and one that needs to be made 
> in any warning we give to a user.

Yes.

Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
