+1 to Ryan's comments. The plan locks small CAs into being small while letting big CAs continue to dominate the market. It basically prevents new CAs from even entering the market.
-----Original Message-----
From: dev-security-policy [mailto:dev-security-policy-bounces+jeremy.rowley=digicert....@lists.mozilla.org] On Behalf Of Ryan Sleevi
Sent: Friday, March 6, 2015 6:40 PM
To: Richard Barnes
Cc: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Name Constraints

On Fri, March 6, 2015 4:26 pm, Richard Barnes wrote:
> Hey all,
>
> I've been doing some research on the potential benefits of adding
> name constraints into the Mozilla root program. I've drafted an
> initial proposal and put it on a wiki page:
>
> https://wiki.mozilla.org/CA:NameConstraints
>
> Questions and comments are very welcome. There are a lot of details to
> work out here, but I think there's some significant benefit to be realized.

This seems unfortunate, especially given ICANN's efforts to extend the set of gTLDs.

While it might seem simple to argue from a security benefit, the reality is that it further ensures "too big to fail", by reducing the number of CAs that can issue for a given name. If a CA wishes to extend beyond the assigned scope, it would now have a 1 month waiting period, although there will inevitably be a queue, and then have to wait for a 12-18 month upgrade period for projects that have used the name constrained roots. We've already seen the negative effects this can have on roots wishing to migrate to stronger algorithms (ECC, SHA-2), in which they have to wait a long time in the queue.

Given that sites in consideration already have multiple existing ways to mitigate these threats (among them, Certificate Transparency, Public Key Pinning, and CAA), and that there are further proposed solutions to mitigate the risks (such as OCSP Must Staple), I'm curious what specific benefits you see versus the real costs for users and CAs.

While the CA costs are both obvious and somewhat mentioned above, consider the user costs. If there's a site that operates in multiple gTLDs (say, for sake of example, Google), the set of CAs they can now use are the set of CAs that are authorized to issue for the union of those domains, or they must issue and manage multiple certificates for multiple domains and manage them, their policies, and their expirations separately. As we know, many users of certificates complain the operational costs are a significant burden, and while ACME hopes to address some of them, it's also hopefully evident that it will fail to do so for some time.

What would you imagine the name restrictions for the major CAs to be? Or for Let's Encrypt's nascent CA? Presumably unrestricted, correct?

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
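As an added example (not part of this thread or of any Mozilla code), the dNSName matching rule from RFC 5280 section 4.2.1.10 that a name-constrained root would impose, applied to the multi-gTLD case Ryan raises: a site whose SAN spans two TLDs can only get a single certificate from a CA whose permitted subtrees cover the union. The CA names and domains are constructed sample data.

```python
"""dNSName constraint check per RFC 5280 section 4.2.1.10 (educational example)."""
from dataclasses import dataclass, field


def _dns_within(name: str, subtree: str) -> bool:
    """True if `name` equals `subtree` or sits below it, i.e. can be formed by
    adding zero or more labels on the left. Case-insensitive; trailing dots
    are normalised away. "badexample.com" is NOT within "example.com"."""
    name, subtree = name.lower().rstrip("."), subtree.lower().rstrip(".")
    return name == subtree or name.endswith("." + subtree)


@dataclass
class NameConstraints:
    permitted: list[str] = field(default_factory=list)  # empty => unconstrained
    excluded: list[str] = field(default_factory=list)

    def allows(self, dns_name: str) -> bool:
        """Excluded subtrees take precedence over permitted ones (RFC 5280)."""
        if any(_dns_within(dns_name, s) for s in self.excluded):
            return False
        if not self.permitted:
            return True
        return any(_dns_within(dns_name, s) for s in self.permitted)

    def allows_all(self, san_dns_names: list[str]) -> bool:
        """A leaf is in scope only if every dNSName in its SAN is in scope."""
        return all(self.allows(n) for n in san_dns_names)


# Constructed sample data: one CA constrained to a single TLD, one whose
# permitted subtrees cover the union, and a site operating in two gTLDs.
SINGLE_TLD_CA = NameConstraints(permitted=["example.com"])
MULTI_TLD_CA = NameConstraints(permitted=["example.com", "example.co.uk"])
UNCONSTRAINED_CA = NameConstraints()
MULTI_TLD_SITE = ["www.example.com", "www.example.co.uk"]


def cas_that_can_issue(cas: dict[str, NameConstraints], san: list[str]) -> list[str]:
    """Names of the CAs that could issue ONE certificate covering all of `san`."""
    return [name for name, nc in cas.items() if nc.allows_all(san)]


if __name__ == "__main__":
    cas = {"single": SINGLE_TLD_CA, "union": MULTI_TLD_CA, "open": UNCONSTRAINED_CA}
    print(cas_that_can_issue(cas, MULTI_TLD_SITE))  # ['union', 'open']
```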