On Sun, Dec 16, 2012 at 12:07 PM, Ben Laurie <[email protected]> wrote:
> On Sun, Dec 16, 2012 at 9:48 AM, ianG <[email protected]> wrote:
>> Just to nitpick on this point, a CA certainly can claim that they or an
>> agent did not sign a certificate. And, they can provide the evidence, and
>> should have the ability to do this: CAs internally have logs as to what
>> they did or did not sign, and this is part of their internal process.
>>
>> This is because the real world doesn't trust the cryptographic evidence on
>> the face of it; we always need to go back to an independent verification of
>> some form - a further point against Ben's proposal.
>
> You have not substantiated any points, and this is further nonsense:
> if a CA claims they did not sign something which has been signed with
> their key, then they are claiming they cannot manage their key. They
> are still not acting correctly, either way.

I'm not sure it's nonsense :)

But your point and Ian's point are taken: the CA is in jeopardy either way. If they sign a subordinate CA or certificate for a server outside the owner's control, and then deny it afterwards, it likely means their infrastructure is compromised. It's pretty much an untenable situation.

From DigiNotar and Trustwave, we know it's better to issue the certificate and then claim you did so once caught, rather than take the "infrastructure is compromised" defense. And to add insult to injury, Trustwave was rewarded for their bad behavior. The browser safety nets - such as Mozilla - completely failed too.

I suspect in the future an untrustworthy CA will say nothing (i.e., neither confirm nor deny), which means someone (the EFF?) will have to take legal action to pry the answers out of them. "Say nothing" seems to be the standard operating procedure from the corporate lawyers when the corporation is going down a rabbit hole.

That means the process Google (et al.) are setting up has to make provisions for "say nothing." Sticks are mandatory in the "catch me if you can" corporate world; carrots are optional.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
