On 03/09/16 01:15, Matt Palmer wrote:
> On Fri, Sep 02, 2016 at 03:48:13PM -0700, John Nagle wrote:
>> On 09/02/2016 01:04 PM, Patrick Figel wrote:
>>> On 02/09/16 21:14, John Nagle wrote:
>>>> 2. For certs under this root cert, always check CA's
>>>> certificate transparency server.   Fail if not found.
>>> 
>>> To my knowledge, CT does not have any kind of online check 
>>> mechanism. SCTs can be embedded in the certificate (at the time
>>> of issuance), delivered as part of the TLS handshake or via OCSP 
>>> stapling.
>> 
>> You're supposed to be able to check if a cert is known by querying
>> an OCSP responder.   OCSP stapling is just a faster way to do
>> that.
> 
> OCSP stapling is also a *privacy preserving* way to do that (also
> more reliable, in addition to faster).  I'm not sure that essentially
> snooping (or at least having the ability to snoop) on the browsing
> habits of users who happen to connect to a website that uses the
> certificate of a poorly-trusted CA better serves the user community
> than just pulling the root.  I guess at least we're not training
> users to ignore security warnings this way, and since if Mozilla is
> running the OCSP responder (or similar) you're already trusting
> Mozilla not to snoop on your browsing...

In addition to these concerns (and assuming Mozilla would even be
willing to go down that route), I'm not sure how reliable a
Mozilla-operated OCSP responder would be given that the majority of
users who visit sites that use WoSign are probably behind the GFW.

If the answer is somewhere between "unreliable" and "extremely slow",
you might just as well pull the root (just for the sake of this
argument), which would mostly inconvenience site operators (as opposed
to every single Firefox user).
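The thread above distinguishes three ways a relying party can receive SCTs (embedded in the certificate, in the TLS handshake extension, or via a stapled OCSP response) and discusses a policy of failing connections under a particular root when none is present. The following Go program is an added example written for this page, not code from the thread or from Mozilla; it sketches such a client-side policy as a check that could be wired into `tls.Config.VerifyConnection`. The root name `Example Distrusted Root CA`, the self-signed test certificates, the placeholder SCT extension bytes and the function names are all constructed for illustration, and the OCSP channel is only tested for the presence of a staple (the response body is not parsed).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// OID of the embedded SCT list extension (RFC 6962, section 3.3).
var oidEmbeddedSCTs = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 11129, 2, 4, 2}

// hasEmbeddedSCTs reports whether the leaf carries the RFC 6962 SCT extension.
func hasEmbeddedSCTs(leaf *x509.Certificate) bool {
	for _, ext := range leaf.Extensions {
		if ext.Id.Equal(oidEmbeddedSCTs) {
			return true
		}
	}
	return false
}

// ctEvidencePresent covers the three delivery channels from the thread:
// embedded extension, TLS handshake SCT extension, stapled OCSP response.
// The OCSP body is only checked for presence here, not parsed for SCTs.
func ctEvidencePresent(leaf *x509.Certificate, handshakeSCTs [][]byte, stapledOCSP []byte) bool {
	return hasEmbeddedSCTs(leaf) || len(handshakeSCTs) > 0 || len(stapledOCSP) > 0
}

// requireCTUnderRoot implements the proposed policy: for chains ending in the
// named root, fail unless some SCT evidence was presented. chain[0] is the
// leaf and chain[len(chain)-1] the root; signature validation is assumed to
// have been done already by the TLS stack (this is a hypothetical policy hook).
func requireCTUnderRoot(chain []*x509.Certificate, rootCN string, handshakeSCTs [][]byte, stapledOCSP []byte) error {
	if len(chain) == 0 {
		return errors.New("empty certificate chain")
	}
	if chain[len(chain)-1].Subject.CommonName != rootCN {
		return nil // policy applies only to the named root
	}
	if !ctEvidencePresent(chain[0], handshakeSCTs, stapledOCSP) {
		return fmt.Errorf("certificate chaining to %q presented no SCTs via any channel", rootCN)
	}
	return nil
}

// verifyConnectionFor adapts the policy to tls.Config.VerifyConnection.
func verifyConnectionFor(rootCN string) func(tls.ConnectionState) error {
	return func(cs tls.ConnectionState) error {
		for _, chain := range cs.VerifiedChains {
			if err := requireCTUnderRoot(chain, rootCN, cs.SignedCertificateTimestamps, cs.OCSPResponse); err != nil {
				return err
			}
		}
		return nil
	}
}

// makeTestCert builds a constructed self-signed certificate, optionally with a
// placeholder SCT extension (an empty OCTET STRING; not a real SCT list).
func makeTestCert(cn string, withSCTExt bool) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	if withSCTExt {
		tmpl.ExtraExtensions = []pkix.Extension{{Id: oidEmbeddedSCTs, Value: []byte{0x04, 0x00}}}
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	root, _ := makeTestCert("Example Distrusted Root CA", false)
	withExt, _ := makeTestCert("leaf.example", true)
	without, _ := makeTestCert("leaf.example", false)
	fmt.Println("embedded SCT:", requireCTUnderRoot([]*x509.Certificate{withExt, root}, "Example Distrusted Root CA", nil, nil))
	fmt.Println("no evidence:", requireCTUnderRoot([]*x509.Certificate{without, root}, "Example Distrusted Root CA", nil, nil))
	fmt.Println("handshake SCT:", requireCTUnderRoot([]*x509.Certificate{without, root}, "Example Distrusted Root CA", [][]byte{{0x00}}, nil))
	_ = verifyConnectionFor("Example Distrusted Root CA")
}
```

Note that this check only establishes that an SCT was presented somewhere; it does not validate the SCT signature against a known log key or check log inclusion, which a real client policy would also need.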
_______________________________________________
dev-security-policy mailing list
https://lists.mozilla.org/listinfo/dev-security-policy