On Mon, Aug 31, 2015 at 7:02 PM, Kathleen Wilson <[email protected]> wrote:
> Breaking this out into a separate discussion:
>
>> ...should Mozilla continue to accept
>> certificates without the "Websites" trust bit? Considering that there are
>> not clear guidelines for how to process either code signing or email, and
>> considering their relevance (or lack thereof) to Mozilla, it would seem
>> wise to carefully consider both whether to accept new applications and
>> what to do with existing applications. My own personal suggestion is to
>> not accept new certificates, and to purge the existing ones.
>
> I have always viewed my job as running the NSS root store, which has many
> consumers, including (but not limited to) Mozilla Firefox. So, to remove
> something like root certs that only have the email trust bit enabled
> requires input from the consumers of NSS. It should not be removed just
> because Firefox doesn't use it.
>
> Is the mozilla.dev.security.policy forum the correct place to have this
> discussion about the NSS root store only including root certs with the
> Websites trust bit enabled?
>
> Or should I start the discussion in another forum, such as
> mozilla.dev.tech.crypto?

Has Mozilla stopped supporting Thunderbird?

The S/MIME support in Thunderbird has an insane user interface. It took me over 20 minutes to issue myself a cert. But it is there and it could be fixed very easily. I would even be willing to do the fixing, only the instructions for setting up a development version of the library are utterly incomprehensible, incomplete and wrong, so after a couple of days, I gave up.

To support a world in which everyone is using end-to-end secure mail we need more than one trust model. The PKIX hierarchical approach works for enterprises but not for individuals. OpenPGP has two models, the direct trust model via fingerprints which works at an individual level and the Web of Trust model that everyone agrees does not scale.

A couple of years ago, when I started work on what has become The Mesh, I took a look at combining the PKIX and OpenPGP approaches using a 'work factor' approach to provide an objective measure. Rather surprisingly, I discovered that it is possible to make the Web of Trust scale if you combine the Direct trust, CA Trust and Web of Trust concepts.

Right now I am working on a proposal that I think takes email messaging security to the next level and makes ubiquitous use practical for the first time. I have been publishing drafts on IETF as I go along but the next increment should be a quantum leap forward.

My goals are

* Make computers easier to use
* Make computers secure at the same time as being easier to use
* Put the user in full control of their security to the maximum extent that they are able to take that responsibility.

This is not the time for Mozilla to be dropping support for email roots.

Moreover the principle of separating email roots and code signing roots from TLS roots is sound. If Mozilla were to stop recognizing separate roots, that would encourage CAs to conflate concerns that should be separated.

