On Wednesday, August 31, 2016 at 11:03:11 PM UTC-7, Percy wrote:
> Indeed, WoSign has become too big to fail. I would suggest that the decision
> whether to remove WoSign should be independent of whether it's practical to
> implement such removal. Otherwise, larger CAs basically gain "natural
> protection" from mere usage numbers over smaller CAs in terms of enforcement
> actions.

Note: I intentionally did not phrase it in terms of practicality of removal,
but practicality of options. Whatever decision is made, it must be
implementable; otherwise, it's theatre. So you have to consider what is
possible when considering what is appropriate. If we allow ourselves to
consider the impossible as options, then we might as well say that any CA that
screws up needs to travel back in time and unissue the certificates, since
surely that too would solve the problem.

> On the practical implementation, I suggest the following.
> All existing certs issued by WoSign need to be logged by enough CT logs by 
> say Dec 31, 2016.  
> After Jan 1, 2017, the browser will only trust a cert from WoSign if 
> 1) CT is present 
> 2) The cert is submitted to CT logs before Dec 31, 2016.  

CT is not designed nor intended for online checking, so #2 is a non-starter.

> Or we can use an offline whitelist. How about including the SHA-2 of existing
> WoSign certificates in the binary? So the browser would first check whether
> it's signed by WoSign, and if so, compare the hash of the cert with the offline
> list. 224 bit hash * 230K certificates = 6.5 MB. Considering the Chrome
> installer file is almost 70MB, this might be acceptable.

1) SHA-2 is 256-bit, not 224-bit
2) A 100KB increase is unacceptable, especially for mobile users.
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
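The issuer-gated offline whitelist that Percy proposes, written out as an added Go example (not code from the thread or from any browser): certificates whose issuer organisation matches the distrusted CA are accepted only if their SHA-256 fingerprint was baked in, everything else passes through to normal chain validation. The issuer string "WoSign" and the self-signed test certificates are constructed stand-ins, not the CA's real issuer name or certificates.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Fingerprint is the SHA-256 digest of the DER-encoded certificate (32 bytes, i.e. 256 bits).
type Fingerprint [32]byte

// Allowlist holds the distrusted issuer's organisation name and the baked-in fingerprints.
type Allowlist struct {
	IssuerOrg string
	Hashes    map[Fingerprint]bool
}

// Permit implements the two-step check from the thread: look at the issuer first, and
// only for certificates from the named CA require the hash to be on the offline list.
func (a Allowlist) Permit(cert *x509.Certificate) bool {
	for _, org := range cert.Issuer.Organization {
		if org == a.IssuerOrg {
			return a.Hashes[Fingerprint(sha256.Sum256(cert.Raw))]
		}
	}
	return true // other issuers are unaffected; ordinary path validation still applies
}

// newCert builds a self-signed test certificate whose issuer organisation is org
// (constructed test data; a real deployment would parse certificates from the TLS handshake).
func newCert(org string) *x509.Certificate {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{Organization: []string{org}},
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	cert, _ := x509.ParseCertificate(der)
	return cert
}

func main() {
	known, unknown := newCert("WoSign"), newCert("WoSign")
	al := Allowlist{IssuerOrg: "WoSign", Hashes: map[Fingerprint]bool{Fingerprint(sha256.Sum256(known.Raw)): true}}
	fmt.Println(al.Permit(known), al.Permit(unknown), al.Permit(newCert("Other CA"))) // true false true
}
```

At 32 bytes per entry, a list of 230K fingerprints occupies about 7.4 MB raw, which is the size concern the reply raises against shipping it in the binary.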