Ben Laurie <b...@google.com> writes: >what happens when the cert rolls? If the key also changes (which would seem >to me to be good practice), then the site looks suspect for a while.
I'm not aware of any absolute figures for this but there's a lot of anecdotal evidence that many cert renewals just re-certify the same key year in, year out (there was even a lawsuit over the definition of the term "renewal" in certificates a few years ago). So you could in theory handle this by making a statement about the key rather than the whole cert it's in. OTOH this then requires the crawler to dig down into the data structure (SSH, X.509, whatever) to pick out the bits corresponding to the key. Other alternatives are to use a key-rollover mechanism that signs the new key with old one (something that I've proposed for SSH, since their key-continuity model kinda breaks at that point), and all the other crypto rube-goldbergisms you can dream up. In any case though at the moment we have basically no assurance at all of key/cert information so even a less-than-perfect mechanism like trusting Google and having problems during cert rollover is way, way better than what we've got now. In any case if Google decides to go bad then redirecting everyone's searches to www.drivebymalware.ru is a bigger worry than whether they're sending out inaccurate Perspectives responses. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com