On 19/05/15 12:14, Matt Palmer wrote:
> The *leverage* that can be applied to any particular CA doesn't change based
> on who operates it.  Regardless of the operator, the only leverage we have
> is removal of the CA's root certs from the trust store (or otherwise
> neutering them).  That certain CAs may not see that as a sufficient reason
> to play nice isn't something we can influence.

This seems a bit like playing with words. If you prefer, the levers that
we have are exactly the same, but the effect they have is different. I
call that different leverage; call it something else if you want.

> A low care factor re: removal isn't any sort of bright-line test for
> government CAs; various corporate CA business models or other factors may
> also render them rather more uncaring than the median to the threat of a
> browser's leverage.

Can you give an example of an active CA in the root store at the moment
which wouldn't care very much about being removed?

> At the same time, some government CAs no doubt would be
> severely hampered in their operations were they to be removed from the
> Mozilla trust store.

To the extent of shutting down their public operations and telling all
sites to get a root from an alternative CA?

> If you want to discuss what to do about CAs for whom the threat of removal
> is not a sufficient motivator for good behaviour, let's have that
> discussion; no reason to artificially limit it to CAs run by governments.

If a commercial CA would be unthreatened by a removal, then the question
would arise: why are we including them in the first place?

Gerv

_______________________________________________
dev-security-policy mailing list
https://lists.mozilla.org/listinfo/dev-security-policy