On 02/11/2011 01:33 AM, From Stephen Schultze:
> You cut off the end of the sentence, which made clear that I was
> referring to how the *trust* of the CA model relies on blind trust of
> the data in DNS. Any fundamental trust model shortcoming of DNS is
> likewise a shortcoming of CA DV. You've never explained how you think
> this could be false.
I tried - let me try again. But actually I should start with your last
question in this post first and it would make a lot more sense (you can
scroll down if you want)...
There are additional steps CAs can/should/do besides checking domain
control - even in the DV settings. Those range from basic sanity checks,
checks on weak/small keys, weak hashes, domains with obvious problems,
re-validation and other flagging mechanisms before issuance, phishing
detection and so forth.
It continues with the ability to revoke certificates upon
detection/reporting of misuse or other issues - it's a very strong point
why a CA is beneficial.
Additionally, DV may protect against a shortcoming of DNS that is
happening now and possible wrongful issuance of a DV certificate may be
detected due to shortcoming of DNS. Those are just the very obvious
points I mentioned before. Keys-in-DNSSEC can't provide that without the
involvement of a third party like a CA.
> FWIW, it should be obvious that the EV trust model does *not* rely on
> blind trust of DNS because it incorporates OOB confirmation of
> identity rather than just domain ownership. This is a good thing.
Well, even WHOIS needs DNS - obviously the better the organization
validation, the lesser the chance of misuse.
> The only thing that Mozilla requires of DV CAs is that they validate
> domain ownership.
Well no, Mozilla requires a bunch of other things CAs must provide and
do, including OCSP and CRLs, ability to report misuse, revocation
requirements, sound PKI implementations (through WebTrust, ETSI), an
audit regime, its own policies and reviews and and and...just look at
the new policy requirements and how to apply. And this is just the
beginning, more is to come from Mozilla and elsewhere.
> Anti-phishing and other punishments for actions that the CA doesn't
> approve of are irrelevant
Why should they be irrelevant? They are certainly beneficial and very
relevant indeed, otherwise why have them in the first place. Subscriber
obligations are not just here for fun.
> I really don't understand why this has been such a problem, given that
> your work and reasoning on other topics is so good. It is a mystery
> to me.
Since this is NOT the policy list, I'm willing to share some thoughts...
I know both sides very closely. Those of the relying parties
(including software vendors) and those of the CAs. I know the ins and
outs of running a CA with everything it entails. If you haven't been
there, you probably don't know enough yet.
But I'm also putting my money where my mouth is and I take some credit
for changes that occurred and are occurring in this industry. Be it
for providing an alternative (business model) to commonly known and
conventional CAs, or be it for guiding and demonstrating better and
more responsible policies and practices and pushing for those to become
applied evenly.
By doing that, I can assure you that DV is not just authenticated
point-to-point encryption - even though DV is really the lowest level
which should be used only for its intended purpose and stands just for
that. But that's not all, there are things I don't want to publicly
disclose and they are nowhere required. They still exist and contribute
nevertheless.
Having said that, of course I'm not taking responsibility for every CA
out there, but that's also the reason I'm working with Mozilla and
elsewhere to improve existing practices and remove the problematic
practices that do exist today, but are about to be addressed. I believe
this will happen rather soon and within a useful time-frame. From there
we can improve even further if possible.
Regarding DNSSEC - it will take years from now to get to an anywhere
useful level. I've seen some attempts to replace conventional X.509 PKI
trust come and go, this wouldn't be the first. However should software
vendors ever rely on DNSSEC exclusively for TLS on the web (e.g. without
third party issued certificates), I fear a disaster and SSL will most
likely become entirely meaningless. Instead I believe that CAs should take
the best out of DNSSEC for their validation procedures and this is my
intention too. Time will tell if I'm right.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
XMPP: start...@startcom.org
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg
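The pre-issuance sanity checks Eddy lists above (weak or small keys, weak hashes, domains with obvious problems, flagging for manual review) are easy to sketch in code. The following is an added example, not code from this thread, StartCom, or Mozilla: a small linter that parses a CSR with Go's standard library crypto/x509, verifies the proof of possession, and returns a list of findings. The thresholds (2048-bit RSA, 256-bit ECDSA), the suffix list, and the sample requests are this example's own assumptions, not any CA's actual policy.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"strings"
)

// Thresholds are this example's assumptions, not a real CA's policy.
const (
	minRSABits   = 2048
	minECDSABits = 256
)

// vetPublicKey flags weak or small subscriber keys.
func vetPublicKey(pub crypto.PublicKey) []string {
	switch k := pub.(type) {
	case *rsa.PublicKey:
		if bits := k.N.BitLen(); bits < minRSABits {
			return []string{fmt.Sprintf("rsa key too small: %d bits", bits)}
		}
	case *ecdsa.PublicKey:
		if bits := k.Curve.Params().BitSize; bits < minECDSABits {
			return []string{fmt.Sprintf("ecdsa curve too small: %d bits", bits)}
		}
	default:
		return []string{fmt.Sprintf("unsupported key type %T", pub)}
	}
	return nil
}

// vetSignatureAlgorithm flags requests self-signed with an obsolete hash.
func vetSignatureAlgorithm(alg x509.SignatureAlgorithm) []string {
	switch alg {
	case x509.MD2WithRSA, x509.MD5WithRSA, x509.SHA1WithRSA, x509.DSAWithSHA1, x509.ECDSAWithSHA1:
		return []string{"weak hash in request signature: " + alg.String()}
	}
	return nil
}

// vetNames applies basic sanity checks to the requested names; anything
// flagged here is routed to manual review instead of automatic issuance.
func vetNames(names []string) []string {
	var out []string
	for _, n := range names {
		l := strings.ToLower(strings.TrimSpace(n))
		switch {
		case strings.HasPrefix(l, "*."):
			out = append(out, "wildcard requested: "+l)
		case !strings.Contains(l, "."):
			out = append(out, "single-label (internal) name: "+l)
		case strings.HasSuffix(l, ".local") || strings.HasSuffix(l, ".localhost"):
			out = append(out, "non-public suffix: "+l)
		}
	}
	return out
}

// VetRequest parses a DER-encoded CSR, verifies the proof of possession and
// returns all findings; an empty result means these checks raise no objection.
func VetRequest(der []byte) ([]string, error) {
	csr, err := x509.ParseCertificateRequest(der)
	if err != nil {
		return nil, err
	}
	if err := csr.CheckSignature(); err != nil {
		return nil, fmt.Errorf("proof of possession failed: %w", err)
	}
	names := append([]string{}, csr.DNSNames...)
	if cn := csr.Subject.CommonName; cn != "" {
		names = append(names, cn)
	}
	var out []string
	out = append(out, vetPublicKey(csr.PublicKey)...)
	out = append(out, vetSignatureAlgorithm(csr.SignatureAlgorithm)...)
	out = append(out, vetNames(names)...)
	return out, nil
}

// sampleCSR builds a constructed request for demonstration (not real data).
func sampleCSR(bits int, cn string, dnsNames []string) []byte {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		panic(err)
	}
	tmpl := x509.CertificateRequest{
		Subject:            pkix.Name{CommonName: cn},
		DNSNames:           dnsNames,
		SignatureAlgorithm: x509.SHA256WithRSA,
	}
	der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, key)
	if err != nil {
		panic(err)
	}
	return der
}

func main() {
	findings, err := VetRequest(sampleCSR(1024, "intranet", []string{"*.example.com"}))
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Println("flag:", f)
	}
}
```

The point of separating the checks from parsing is that the same functions can run at submission time, at re-validation before issuance, and again over the issued corpus when a new weakness (a hash, a key generator) is discovered, which is exactly the kind of flagging and revocation capability the post argues a third party adds on top of bare domain control.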
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto