Nelson B Bolyard:
Aren't the people who send their credit card number on an https
connexion where the private key of the server is public knowledge
already screwed ?
Yes, of course. The question for this thread is: who is responsible
for each screwedness?
I beg to differ. The question is: for what is the CA responsible?
It is for assuring the certified binding of name and key. When that
binding has no more assurances, the certificate becomes a false statement of
assurance.
For once I must slightly disagree with you, Nelson. (it doesn't happen a
lot though :-) )
Responsibilities are shared (at least) or sometimes the full
responsibility of the subscriber. If the subscriber insists on creating
his own key and this is his perfect right, then he bears the
responsibility for it. Most subscriber agreements and CA policies
clearly define that.
If the CA provides a crappy utility for creating keys, than it would the
CA's responsibility of course.
However, given that a CA cannot know whether or not a domain has been
compromised,
A CA can know that a key has been compromised.
How? Shall CAs now be in the business of trying to crack their
subscribers keys? Just because there is now one popular and know flaw
out there? Do you believe it's the only one? For which bugs and flaws
shall the CA look for?
The keys in question are not "possibly compromised". They are compromised.
Period. Only the degree to which the compromised key has been exploited
may be unknown.
All keys are compromised? For which possible exploits shall the CA look
for? Perhaps you know exactly for which flaws and bugs should be scanned....
The keys ARE compromised. A CA who refuses to timely revoke a cert with a
known compromised key abrogates any public trust.
Yes, once it's known to the CA it should revoke it immediately. No question.
It's the difference between "Your drawer in the bank vault has been robbed"
and "the bank vault door lock is now broken and the door is wide open".
Both situations demand action.
The banks door locks are excellent, but the key to the safety deposit
box was lost by the customer. Once the customer informs the bank that he
lost his key, the bank will certainly replace the lock of the deposit
box. However the bank most likely will not replace the lock of the
drawer, if it doesn't know about it. It's the responsibility of the
customer to inform the bank. This analogy is also correct for CAs.
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
