On Thursday, April 10, 2014 4:25:46 PM UTC+1, Pontus Engblom | DigiSSL AB wrote:
> I would like to inform you that when you get a service you tend to
> read the FAQs and Certificate Policy Statements, i.e. StartSSL have a
> FAQ where a whole bunch of numbers concern revocation and handling fees.
> http://www.startssl.com/?app=25#72
> (#70 to #74). So please do not claim they do not clearly state it;
> either you didn't read or didn't care to read.

I absolutely agree; however I'd also suggest that the point is moot. The 
question isn't whether or not people should have known, or even did know, that 
StartCom's business model is based around charging fees for revocations.

It doesn't matter whether anyone thinks this is fair or not - I think it's a 
dangerous business practice, and I'm surprised that it's considered in line 
with §2 of Mozilla's CA Certificate Maintenance Policy, but that again is 
largely irrelevant.

> I can agree that some certificates _MIGHT_ be compromised and need
> revocation, but as StartSSL stated earlier, if you have no intention of
> paying $24.90 you could also create a _NEW_ certificate with a
> different subdomain and replace yours; that would cost you... nothing?
> 
> https://bugzilla.mozilla.org/show_bug.cgi?id=994033#c4

That's a worrying position to take. It's actually irrelevant whether the 
certificate my site is legitimately using is compromised or not. It's whether 
anyone else can use it to impersonate my site in such a way that's undetectable 
to my users.

Preventing this requires a revocation, so even if you do use a new free 
certificate, or even switch CA, you still need to revoke the old one.

> But I can not for the life of me see why we can't pay $24.90; they
> have given us a service for free and now, when we need to do something,
> we think it's wrong of them to charge us? Compare it to the real world:
> companies must make money somehow; it's just a question of how and where.

Again, it's not relevant whether I would pay, or you would pay. I'm aware of 
several people either unable to, or unwilling to. This is a logical consequence 
of a free certificate service that charges for revocations, I'm afraid. 
Ordinarily this probably wouldn't even matter, but the situation we have is 
hardly ordinary, and therefore there are potentially thousands of StartSSL 
certificates in circulation, many for Open Source projects and non-profits, 
which are potentially compromised and therefore untrustworthy.

> Also this issue is quite hard to handle; it is unknown how many
> certs have actually been compromised since it's not traceable.

Also irrelevant. It's potential compromise we need to address, since that has a 
direct bearing on the trustworthiness of the certificates.

> As Rob Stradling said (emphasis mine):
> > The Mozilla CA Certificate Maintenance Policy (Version 2.2) [1]
> > says:
> >
> > "CAs _must revoke_ Certificates that they have issued upon the
> > occurrence of any of the following events:
> > ... - the CA obtains _reasonable evidence_ that the subscriber's
> > private key (corresponding to the public key in the certificate) has
> > been compromised or is _suspected of compromise_ (e.g. Debian weak keys)"
> 
> This is a bit of an issue here: we don't know who might have been
> targeted with this bug. I find it hard that low traffic domains could
> have been compromised, but there's a possibility; in this case there is
> no way to get reasonable evidence of a subscriber losing its private
> key. And to suspect every cert has been compromised, well, then all CAs
> would need to make a huge CRL and pretty much revoke any certificate
> that's been active during this incident, as all might be suspected of
> compromise.

Yes; that's more or less what needs to happen, unfortunately. Thousands of 
certificates have been, or are being, revoked currently at the request of their 
owners. It doesn't matter if I trust StartCom; it does matter that I do not 
trust the certificates they have signed.

> But as an end here, try to get a new certificate for a new subdomain if
> you can not pay $25. Or actually start to pay for SSL in the first
> place? I mean, nothing is really free in the world; something has got to
> cost. IMHO this removing of StartCom is just bogus. Maybe Mozilla
> can go together and force out a policy of instant removal from clients
> if they request so, but until then, they have been included, they have
> given out numerous certificates and even considering removing them
> from the trust store because of this is ludicrous.

While I firmly agree that using a sensible choice of CA, paying a small fee now 
to cover against disaster later, and all you suggest is sensible, unfortunately 
I for one cannot trust certificates signed by StartCom at this time and have 
removed it from my trust anchor list.

In the words of the inclusion policy's section 4, I feel they cause me "undue 
risk".

This means that sites such as eff.org and xmpp.org are no longer trusted by my 
browser; though I note that both seem to be running certificates issued last 
year, so this is actually a good thing.

I'm curious as to the reasoning by which other people feel a CA which is known 
to have thousands of potentially compromised certificates in circulation is 
suitable as a trust anchor.

Dave.
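Added illustration (not part of the thread, and not real X.509 code): a constructed model of the relying-party checks a browser performs, showing why deploying a new certificate on another subdomain does not stop an attacker holding the old key, and that only a CRL entry, or dropping the CA as a trust anchor as Dave did, changes the outcome. Certificate names, serials and dates are made up.

```python
from dataclasses import dataclass, field
from datetime import date

# Constructed simulation of the relying-party decision (not real X.509 code):
# a certificate stays acceptable until it expires or its serial appears on
# the issuing CA's CRL, whatever the legitimate site has since deployed.

@dataclass(frozen=True)
class Cert:
    serial: int
    issuer: str
    hostnames: frozenset      # subjectAltName-style names the cert covers
    not_after: date

@dataclass
class RelyingParty:
    trust_anchors: set                        # CA names the browser trusts
    crls: dict = field(default_factory=dict)  # issuer -> set of revoked serials

    def validate(self, cert, hostname, today):
        """Return None if the cert is accepted, otherwise the rejection reason."""
        if cert.issuer not in self.trust_anchors:
            return "untrusted issuer"
        if today > cert.not_after:
            return "expired"
        if hostname not in cert.hostnames:
            return "hostname mismatch"
        if cert.serial in self.crls.get(cert.issuer, set()):
            return "revoked"
        return None

def scenario():
    """Walk through the thread's argument; return each check's outcome."""
    today = date(2014, 4, 10)
    old = Cert(1001, "StartCom", frozenset({"www.example.test"}), date(2015, 1, 1))
    new = Cert(1002, "StartCom", frozenset({"secure.example.test"}), date(2015, 4, 1))
    rp = RelyingParty(trust_anchors={"StartCom"})
    results = {}
    # Key of 'old' leaked; the site deploys 'new' on another subdomain without revoking.
    # Anyone holding the leaked key still impersonates www.example.test undetected.
    results["old_still_accepted"] = rp.validate(old, "www.example.test", today)
    # Only a CRL entry (the paid revocation) makes 'old' rejected; 'new' is unaffected.
    rp.crls.setdefault("StartCom", set()).add(old.serial)
    results["old_after_revocation"] = rp.validate(old, "www.example.test", today)
    results["new_after_revocation"] = rp.validate(new, "secure.example.test", today)
    # Dave's alternative: remove the CA as a trust anchor; every cert it signed fails.
    rp.trust_anchors.discard("StartCom")
    results["new_without_anchor"] = rp.validate(new, "secure.example.test", today)
    return results
```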
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
