At 3:31 PM +0000 1/13/09, Rob Stradling wrote: >Why "almost every piece of PKIX validating software" ? > >I think it would be worth it if, at a minimum... > - the majority of CAs added the extension to the certificates they issue, >and... > - Mozilla implemented support for the extension in NSS. > >This would allow Mozilla to disable a weak algorithm quickly, without having >to wait for the majority of certificates in the wild to stop using that >algorithm for their main certificate signature.
Fair enough. >I think the biggest barrier to adoption would be convincing enough of the CAs >to implement it. Really? :-) >But perhaps the Mozilla CA Certificate Policy could be >updated to require CAs to implement it? That seems kind of drastic for an extension that would only help on a security issue that has never been met. That is, the extension will only be useful for hash functions for which practical pre-image attacks are discovered, or signature functions that quickly become drastically weaker than expected. I still think it is sufficient for the policy to list the acceptable signing algorithms of the day. If the extension is standardized and is used by any CAs, and if NSS implements it and allows Firefox to be able to shut off one of multiple algorithms in the extension, that would help the CAs who used the extension. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
