Paul Hoffman wrote: >> The keys in question are not "possibly compromised". They are >> compromised. >> Period. > > Until we see any evidence of this in the real world, we disagree.
Oh, come on. With ready-to-use tools to scan for these weak keys the evidence is there. >> A CA who informs it relying parties that it can no longer assure the >> binding >> that it once certified is fulfilling its responsibility, not exceeding >> it. > > a) Let's be careful with our assertions. The CA can still assure the > binding of the name to the public key; what they can't assure is the > unique control over the private key. Yes. But being in the CA *business* I would take this case to attest my trustability. > b) Does revoking a certificate inform a relying party of anything > significant? Yes. It makes a cert invalid. (I know that CRLs are not checked in practice very often.) > c) What responsibilities does a CA have to relying parties? I have never > signed a contract with any of them. Paul, that's really a very poor argument! Well, exactly this leads to the conclusion of PKI critics who pointed out that CAs are hiding behind their CPSs and do not feel responsible for anything. > To be frank, browser vendors have more responsibilities to relying > parties than CAs do. That's why the browser vendors carefully check > CPSs and enforce rules about them. This would mean kicking out all root CA certs of CA (chains) which do not act on this particular "Debian Weak Key Problem". ;-) >> The keys ARE compromised. A CA who refuses to timely revoke a cert >> with a >> known compromised key abrogates any public trust. > > "Any"? Do you really think that a typical Firefox user, even when this > is all explained to them, would be as strident as you are here? The typical Firefox user trusts the PKI. It delegates security checks to a trusted third party. The CA's *business* is to help this average user to use SSL-enabled Internet securely. Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
