On Wednesday, September 21, 2016 at 12:05:49 PM UTC-7, Peter Kurrasch wrote:
> I have a hard time seeing how any sort of white list solution will actually
> mitigate any of the bad behavior exhibited by WoSign.
This doesn't help understand where your disconnect is, or how we might educate
and inform you about different perspectives.
> So the problem I have with a white list is the implication that while we
> don't trust the CA to issue new certs, we do have trust in the continued
> operation of other parts of the CA.
Once a certificate is issued, it's issued. What continued operations, beyond
revocation (which doesn't work in the Web PKI) do you see as necessary?
> I'm just having a hard time seeing how there is anything left to trust when
> it comes to WoSign. Maybe the best outcome would be a finding of
> irreconcilable differences and for us to go our separate ways? Maybe we just
> want different things in a global PKI system?
It's unclear who you're referring to here. I think, judging by some of your
replies, that some of the experts in this space don't agree with you or your
conclusions, but this may simply be a teachable opportunity.
To try to explain to you:
A wholesale distrust is, in effect, a statement that we believe no certificate,
past, present, or future, is trustworthy. This is a very strong statement, and
it's very hard to make, even under significant evidence, but is sometimes
necessary (for example, when an unknown number of unconstrained sub-CAs have
However, if you're willing to believe that no unconstrained sub-CAs exist, and
if you're willing to accept that most, but not all, certificates were issued
according to the policies and community expectations, then such a statement is
overly harsh. By overly harsh, I'm not considering the reception of the CA, I'm
considering the message that browser vendors would be sending to users and to
sites that have chosen to use such certificates.
For example, do you believe that if a user tries to access
https://www.wosign.com, they should be shown an interstitial? Do you believe
that is a helpful message to end users? Do we believe that the specific
certificate is untrustworthy?
In most CA cases, when evidence of malfeasance is discovered, it's not 100% of
the certificates. It might be .001%. But that .001% is significant enough to be
uncomfortable to trust NEW certificates, because that margin is too high.
Further, once disclosed via CT, we can reasonably be confident that EXISTING
certificates conform to appropriate policies.
The only continuity of business that a CA would potentially need to provide,
in the event of a distrust, is OCSP and CRLs. And we know those simply don't
work in the Web PKI, which is why CRLSets and OneCRL and Certificate Distrust
List exist. So I have trouble with your suggestion that a whitelist is an
indication of continued trust in a CA, other than it's a recognition of the
fact: "Most" of the certs are probably OK, but "new" certs have too high a
margin of risk to continue to be accepted.
dev-security-policy mailing list
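The "keep the old certs, reject the new ones" decision discussed above is, in practice, a check that a client applies after ordinary path validation has already succeeded. The following Go program is an added example written for this page; it is not code from the thread, from WoSign, or from any browser's actual distrust list implementation. It builds a constructed test PKI in memory (one CA, two leaves), marks the CA as distrusted, whitelists the SHA-256 fingerprint of one leaf, and shows that the whitelisted leaf still validates while a later, non-whitelisted leaf from the same CA is rejected. The `Policy` type, the field names and the hostnames are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// Fingerprint returns the SHA-256 hash of the DER encoding; this is the usual
// key for whitelist- and CRLSet-style entries because it names one exact cert.
func Fingerprint(c *x509.Certificate) string {
	sum := sha256.Sum256(c.Raw)
	return hex.EncodeToString(sum[:])
}

// Policy is a hypothetical model (an assumption for this example) of a
// "distrust new, keep old" rule. Distrusted holds fingerprints of CA certs
// that may no longer vouch for new certificates; Whitelist holds fingerprints
// of already-disclosed leaf certs that remain accepted.
type Policy struct {
	Distrusted map[string]bool
	Whitelist  map[string]bool
}

// Evaluate takes a chain (leaf first, as Certificate.Verify returns it) that
// has already passed path validation and applies the policy on top of it.
func (p Policy) Evaluate(chain []*x509.Certificate) (bool, string) {
	affected := false
	for _, c := range chain[1:] {
		if p.Distrusted[Fingerprint(c)] {
			affected = true
		}
	}
	if !affected {
		return true, "chain does not involve a distrusted CA"
	}
	if p.Whitelist[Fingerprint(chain[0])] {
		return true, "distrusted CA, but leaf is on the whitelist"
	}
	// Deliberately no NotBefore cutoff here: the CA writes that field itself,
	// so a date alone cannot distinguish old issuance from a backdated cert.
	return false, "distrusted CA and leaf is not on the whitelist"
}

func mustKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

func mustCert(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

// Scenario is a constructed PKI: one CA that is later distrusted, one leaf
// issued and disclosed before that (whitelisted), one leaf issued afterwards.
type Scenario struct {
	CA, OldLeaf, NewLeaf *x509.Certificate
	Policy               Policy
}

func BuildScenario() Scenario {
	now := time.Now()
	caKey, oldKey, newKey := mustKey(), mustKey(), mustKey()
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Distrusted Root"},
		NotBefore: now.Add(-48 * time.Hour), NotAfter: now.Add(10 * 365 * 24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	ca := mustCert(caTmpl, caTmpl, &caKey.PublicKey, caKey) // self-signed
	leafTmpl := func(serial int64, host string) *x509.Certificate {
		return &x509.Certificate{
			SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
			NotBefore: now.Add(-24 * time.Hour), NotAfter: now.Add(365 * 24 * time.Hour),
			KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		}
	}
	old := mustCert(leafTmpl(2, "old.example.test"), ca, &oldKey.PublicKey, caKey)
	nw := mustCert(leafTmpl(3, "new.example.test"), ca, &newKey.PublicKey, caKey)
	return Scenario{CA: ca, OldLeaf: old, NewLeaf: nw, Policy: Policy{
		Distrusted: map[string]bool{Fingerprint(ca): true},
		Whitelist:  map[string]bool{Fingerprint(old): true},
	}}
}

// Check runs ordinary path validation against the CA, then the policy.
func (s Scenario) Check(leaf *x509.Certificate) (bool, string) {
	roots := x509.NewCertPool()
	roots.AddCert(s.CA)
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: leaf.DNSNames[0]})
	if err != nil {
		return false, "path validation failed: " + err.Error()
	}
	return s.Policy.Evaluate(chains[0])
}

func main() {
	s := BuildScenario()
	for _, l := range []*x509.Certificate{s.OldLeaf, s.NewLeaf} {
		ok, why := s.Check(l)
		fmt.Printf("%-18s accepted=%-5v %s\n", l.Subject.CommonName, ok, why)
	}
}
```

Both leaves chain correctly to the same root, so the difference in outcome comes entirely from the policy layer, not from the signature check; that is the sense in which a whitelist expresses "these particular certificates are still fine" without expressing continued trust in the CA's future issuance. Keying the whitelist on the full certificate hash rather than on issuer and serial also means a CA cannot smuggle a new certificate in by reusing an old serial.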