On 10/1/09 19:59, Paul Hoffman wrote:
At 5:18 PM +0100 1/10/09, Ian G wrote:
That I agree with, although I believe NIST's decisions will be a lot more
important. (Disclaimer: I sometimes consult for NIST.)
Ahhh... no, please! Mozilla needs to do its own analysis. If it can't make up
its own mind about MDs, which are the simplest possible building block in all
of crypto, then what hope is there?
Where did I say Mozilla didn't need to do its own analysis? I said that NIST's
will be more important.
OK, point taken.
- Mozilla changes its rules for CAs in the trust anchor pile to say that they
must not issue certificates with RSA-MD5 starting on some date (it could even
be this year), and to say that sub-CAs cannot have their identities assured by
RSA-MD5. This is a retroactive change to its acceptance policy in the pile.
I would argue that is already covered in the policy, because it has a clause
that says that CAs must follow the technical decisions of Mozilla. I don't
think we want to get into the rabbit hole of documenting all those
technicalities :)
That's absurd. You can't hold a CA to doing something that we don't document.
Well, CAs aren't being "held" to anything, they are just advised that
Mozo reserves the right to act unilaterally. Heavily stripped:
http://www.mozilla.org/projects/security/certs/policy/
============
4. We reserve the right ..., to discontinue including a particular CA
certificate in our products, ...
[including] a CA certificate ... might cause technical problems with the
operation of our software ...
============
It's in there. It is clear. The details can be discussed and argued
about. And, whether Mozo should take this action, drastic or otherwise,
is a completely separate question.
My point above is that they can, at least; and no change is required to
the policy.
On your other points: OK! if I can summarise your argument, I see that
it is this: that the potential of an attack and damages is exaggerated.
To summarise my argument, it is too hard to economically figure out
all the angles, so better to simplify.
iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
