On Mon, Nov 14, 2016 at 7:14 AM, Gervase Markham <[email protected]> wrote: > On 14/11/16 14:00, Peter Bowen wrote: >> It is very easy to mint TCSCs at scale without violating the letter or >> the spirit of the BRs and other requirements. > > I guess I didn't mean to imply that it was hard or easy, only that it > hasn't been done so far. But I did wonder about auditors witnessing key > ceremonies - would that be a necessary component? Does that make things > more complicated?
1) Auditors are not required to witness key generation ceremonies for non-Root CA keys when the new CA is operated by the same entity as the parent CA. 2) There is no requirement that the binding between CA distinguished name and key pair occur during the key generation ceremony 3) There is no requirement that each CA have a unique key pair. Combine all three of these and there are multiple paths to easy TCSC creation. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
