On Thursday, August 3, 2017 at 4:34:27 PM UTC-7, Ryan Sleevi wrote:

> I do hope you can clarify whether remediations apply to keys operated by
> organizations, or whether they apply to the organization themselves.

https://bugzilla.mozilla.org/show_bug.cgi?id=1311832 says: "StartCom may apply for inclusion of new (replacement) root certificates[1] following Mozilla's normal root inclusion/change process[2] (minus waiting in the queue for the discussion), after they have completed all of the following action items, and shown that WoSign has no control (people or code) over StartCom."

So, the remediations do apply to the organization.

> If they apply to the organization, one would naturally expect they apply to
> root inclusion or cross-signs, and the organization is no longer "treated
> like a new CA," because they are no longer a new CA - they are an existing
> one.

OK. Clearly I hadn't thought of it this way.

> It is also worth noting that in the past, Mozilla directed other CAs that
> cross-signing of their (new) roots would be expressly forbidden until the
> corrective actions were taken and publicly reviewed. For example, allowing
> CNNIC to be cross-signed prior to remediation would have defeated the entire
> purpose of removal.

In bug #1311832 there is a note about cross-signing: "[1] The new (replacement) root certificates may be cross-signed by the Affected Roots. However, the Affected Roots may *not* be cross-signed by the new (replacement) root certificates, because that would bring the concerns about the Affected Roots into the scope of the new roots. Due to the way we are implementing the distrust, the new root certificates must have a Subject Distinguished Name that does not overlap with the Subject Distinguished Names listed above."

I don't see anything expressly forbidding cross-signing of new roots, but perhaps that was an oversight.

> In this larger light, it would also seem that StartCom, having misissued a
> number of certificates already under their new hierarchy, which present a
> risk to Mozilla users (revocation is neither an excuse nor a mitigation for
> misissuance), should be required to take corrective steps and generate a new
> hierarchy that is not, out of the gate, presenting risk to the overall
> community due to its past misissuances. We can and should expect more of new
> keys being included, because the compatibility risk of expecting adherence to
> the Root Policy is non-existent.

To me, this is very convincing that we should add the two StartCom intermediate certs to OneCRL.

Along this line of discussion, I have not felt comfortable with StartCom's current root inclusion request (bug #1381406), because Hanno raised a concern that the private key used by the new root is also used by two intermediate certificates, one of them revoked. This doesn't seem like good practice to me, and I'm not sure that Inigo's response is sufficient. So, I'm also wondering if I should close Bug #1381406 and request StartCom to start completely over with their new CA Hierarchy, and get it right, before creating their next root inclusion request.

I will appreciate thoughtful and constructive feedback on this as well.

Thanks,
Kathleen

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

