On 5/14/2015 8:25 AM, Gervase Markham wrote:
> Hi everyone,
> 
> The topic of name-constraining government CAs, probably to the TLD(s) of
> their territory(ies), has come up numerous times. I'd like to try and
> hash out, once and for all, whether we think this is actually a good
> idea, so we can decide to work towards doing it, or decide actively not
> to do it. And then document the decision.
> 
> Questions
> =========
> 
> The key questions I would like to discuss to begin with are:
> 
> 1) "Is the security analysis relating to government CAs, as a class,
> different to that relating to commercial CAs? If so, how exactly?"
> 
> 2) "If it is different, does name-constraining government CAs make
> things better, or not?"
> 
> These questions will probably lead us, in passing, to discuss how to
> define "government CA", but let's try not to let that dominate the
> discussion. If possible, stick to clear examples.
> 
> I think that if we can get clear answers to those questions, those would
> form the basis of a policy to explain why we are (or are not) taking action.
> 
> Scope
> =====
> 
> Out of scope for this discussion are:
> 
> * Whether we should name constrain CAs other than government CAs (note
> it's possible we may decide not to name constrain government CAs as a
> class, but later decide to name constrain some other class of CAs)
> 
> * The trustworthiness or otherwise of particular specific governments
> 
> * The exact details of which TLDs any particular government CA might be
> constrained to
> 
> * The level of impact on the net of imposing such constraints

There is an ongoing dispute between the U.S. and China whether the
government in China is behind attacks on both government and commercial
computer systems in the U.S.  This is NOT to question the
trustworthiness of the government of China but to give one example of
the possibility of hostile actions by a government certification
authority (CA).

Snowden revealed how the U.S. NSA is intercepting Internet
communications in bulk.  This is NOT to question the trustworthiness of
the government of the U.S. but to give another example of the
possibility of hostile actions by a government CA.

With "cyberwarfare" constantly discussed in the news, U.S. Congress, and
other venues, it appears to me that government CAs should indeed be
restricted to the TLDs of their respective jurisdictions.

Furthermore, since governments can apply pressure (often secretively) to
commercial enterprises, a similar restriction should be applied to all
commercial and non-government CAs.  In this case, they should be
restricted to TLDs of those jurisdictions where they have registered and
whose governments have granted the CAs permission to operate.

-- 
David E. Ross

I am sticking with SeaMonkey 2.26.1 until saved passwords can
be used when autocomplete=off.  See
<https://bugzilla.mozilla.org/show_bug.cgi?id=433238>.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
