On 25/1/09 22:06, Florian Weimer wrote:
> * Ian G.:
>
>> What I know of, not exclusive or reliable:
>> ...
>> 2. while certificates by their nature and name are often public
>> ("public key"), that doesn't mean that anyone else can use
>> them. Indeed, some CAs go to the extent of making their certificates
>> "proprietary" under the doctrine of copyright, etc. CAcert does this,
>> and also AFAIK, Verisign does this although for perhaps different
>> motives. In this case, the direct concern appears to be to establish
>> the RPA or equivalent.
>
> This also affects the certificates in the browser list, right?

Yes. So technically if someone comes up with a new "use model" for
certificates, they might be infringing on copyright. For example,
statistics collection might fall under that (and did in one case that
was observed / documented).

> What bugs me about the lack of certificate disclosure is that it
> typically covers less data which ICANN requires from registries and
> accredited registrars to make available (at a few in some cases). DNS
> provides quite a bit of transparency in this area (data accuracy
> issues notwithstanding). The browser PKI is supposed to cover
> matching data and to be more secure, yet very little data is published
> (or made available for a fee) in searchable form by the certification
> authorities themselves.

Well. Publication is not the same thing as security. Although there
are some communities where "open" is promoted as the source of all
bounty, some things want to be private to be secure.

Certificates kind of walk the line between privacy and publication,
trying to have their cake and eat it too. They publish (by means of the
so-called public key) some verified data about the person like the real
name, but they also promise security. Which clashes with privacy,
because you should be able to do net stuff while being private. Nudity
isn't security, neither in names nor other forms of commerce.

The old x.509 invention came from telcos, who thought in terms of
telephone books. In the old days, everyone had an entry in the
telephone book, and the privacy derived from the fact that it was hard
to find any particular J. Smith. Sort of. They charged you for
privacy, or an "unlisted number", and this was good. They thought.
They covered other problems with laws and an iron grip on the copper.

Yet, when x.509 actually hit the internet world in the early 1990s, a
lot of privacy conscious organisations (e.g., banks) looked at this and
realised it was a non-starter (here, read any rant by Lynn Wheeler with
the word "bloat" in it).

But by then it was too late; the code was in the infrastructure, PKI
had won the war of models. So the privacy and other communities like
banks rejected it. We still see this clash of concepts in the
"anonymous v. fully named" contrast within PKI.

Which brings us full circle to the question about security. As long as
the CA knows who you are, and can do something about it, why do we need
publication?

Well, the answer to that is that the business model of the CAs is
fundamentally limited by the need to sell "verifications of names,"
while avoiding any liability (see below). It is harder to achieve this
balance while the name is anonymous, because the CA then has to
specifically take on the liability (as it is the one hiding the name).

> I don't think this makes any sense whatsoever
> --until you cynically assume that the opacity is there to protect CAs
> from PR blunders and worse. 8-(

Well, many words could be said about that, but let me put forward my
standard rant:

CAs have protected themselves [1]. Successfully, whether you like it or
not.

The task of Mozilla and points further south [2] is to figure out what
to do, given that situation [3].

My advice is this: Mozilla sets liability to zero, and does so loudly.
That is, it recognises reality, and moves to align systems, documents
and processes with reality.

The reason this works is because once we recognise reality, and put
Mozilla on a liability footing that is approximately close to that
reality, then everyone can stop dancing around the thing that nobody
dare say.

Once we stop dancing around the impossible, and stop telling fairy
stories to each other and to the end-users ... then and only then will
real solutions and real improvements be encouraged to emerge [4] for the
benefit of end-users.

iang

[1] I have skimmed the RPAs of most popular CAs at one time or another,
and presented the language on this group. Most have the key language in
it. So my view covers the market in general. Although some specific
CAs may not have subscribed to this theory, or incompletely implemented
it. Also, this is "views of legal positions" so the normal caveat of
"consult your own lawyer" applies.

[2] End-users, other relying parties, other vendors, standards
committees, governments, developer communities and others that might
have something to do with certificates.

[3] There is a strong implication here that you, and everyone else, has
zero chance of changing the situation.

[4] They are already emerging; but they will emerge faster when we can
deal with reality, not dancing.

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto