On Tue, Jan 28, 2014 at 8:45 PM, David E. Ross <nobody@nowhere.invalid> wrote: > On 1/28/2014 4:37 PM, Brian Smith wrote : >> Benefits of my counter-proposal: >> 1. Fewer roots for us to manage. >> 2. Sites that forget to include their intermediates in their TLS cert >> chain are more likely to work in Firefox, without us having to do AIA >> caIssuers, because of us preloading the intermediates. >> 3. Because of #1, there is potential for us to design a simpler root >> certificate management UI. >> 4. We can do optimizations with the preloading of intermediates to >> avoid building the whole chain every time. (That is, we can >> precalculate the trust of the intermediates.) > > I do not consider "Benefit #2" to be a benefit. This would mean that > Mozilla is enabling poor security practices by allowing server > administrators to be lazy and incompetent -- allowing them to tell users > their browsing session is secure while the server is incompletely > configured.
First, let me split my proposal into two parts: Part 1: I'm proposing that we add five certs that are equivalent to the five certs that DigiCert wants to add, EXCEPT that only one of them would be a trusted root, and the other four would be intermediates of that root. So, as far as what I'm proposing here is concerned, there would be no change as to what websites would be required or not required to send in their SSL handshakes, if DigiCert continues to require an intermediate between the end-entity cert and any of those five certs. Part 2: It is considered bad practice by some to issue certificates directly from a root. But, since four of those certificates wouldn't be roots, then DigiCert could issue certificates directly off of them without doing the thing that is perceived to be bad. if they did so, then because those intermediates would be preloaded into NSS, then we would be able to tolerate the failure of a website to send the intermediate certificate. I understand that it is not 100% great to do things that encourage websites to skip the inclusion of intermediates in their certificate chains, but we're currently on the losing side of this compatibility issue since we also do not implement caIssuers. And, we've helped make the problem bad by caching intermediates collected from surfing the internet; the consequence of this is that when a website admin is testing his broken configuration in Firefox, he/she often won't notice the missing intermediate because Firefox has papered over the issue by having cached the needed intermediate from the CA's website. I'd like us to stop doing that, and it is likely that doing so will require us to preload quite a few intermediates to maintain compatibility. Cheers, Brian _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
