Michael Ströder wrote:
Julien R Pierre - Sun Microsystems wrote:
Paul Hoffman wrote:
At 3:45 PM -0800 1/21/09, Nelson B Bolyard wrote:
Perhaps Mozilla should change its policy to require CAs to revoke certs
when the private key is known to be compromised, whether or not an
attack
is in evidence, as a condition of having trust bits in Firefox.
Fully agree.
Thirded.
+1
I'm surprised that isn't already the case :-(
Me too. :-/
(I'm catching up on CA-related stuff, and just finished reading quickly
through this thread.)
First, I have no problems with adding something in the "problematic
practices" page about recommending that CAs revoke end-entity
certificates when the associated private keys are known to be
compromised. (And I agree that having private keys published on the
Internet fits any reasonable definition of the word "compromised".) This
is a good thing to ask CAs about, and to put them on notice.
Now, with regard to making this a formal policy requirement, I have the
following questions:
1. To what extent do typical CPSs and CPs address this issue? In other
words, if we were to read the average CPS/CP, would it have language
that would unambiguously tell us whether our policy requirement were met
or not? Or is this something that's typically ambiguous and left to CAs'
discretion, or that CAs are prohibited from unilaterally doing under the
terms of their subscriber agreements? (E.g., CA can revoke only at the
subscriber's request.)
2. Assuming a CA becomes aware of a compromised key and doesn't revoke
it, what courses of action are open to us other than pulling the CA's
root? Is there serious consideration being given to implementing some
alternative mechanism in NSS or PSM to blacklist certs which we think
are suspect even if the CA does not?
Frank
--
Frank Hecker
hec...@mozillafoundation.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
