On Tue, Mar 10, 2020 at 5:56 PM Piotr Kucharski <[email protected]> wrote:
>> I'm sympathetic to CAs wanting to filter out the noise of shoddy reports
>> and shenanigans, but I'm also highly suspicious of CAs that put too
>> unreasonable an onus on reporters. It seems, in the key compromise case,
>> the benefit of the doubt should largely deal with the reporter. If we saw
>> some quantifiable increase in hijinks and misrevocations, there are a
>> myriad of ways to deal with that. The most effective of these reasons seems
>> to be facilitating rapid replacement of certificates, rather than
>> preferring ossification.
>>
>
> I am totally against putting unreasonable onus on reporters! But hopefully
> you agree that CAs should strive for zero false positives in revocations.
>

I'd happily take a 95% false positive of revocations if there were 0% impact in the revocation (e.g. due to easy replacement). I'm mainly hesitant to set up a system of 0% false positives but which has a 5% false negative.

That's why I'm less excited for standard systems of signaling revocation (not that there isn't some value!), and more keen on systems that make revocation easier, quicker, and less-impactful. That's obviously Hard Work, but that's the exciting part of working in PKI. Everything is Hard Work these days :D

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

