Matthew Hardeman <mharde...@gmail.com> writes: >What gap, exactly? There’s not a risk here.
There are attacks possible, but this stuff was covered more than twenty years ago by PKIX and I can't remember the specifics. It was around various ways of fooling a victim that you'd signed something that you hadn't based on the two different certs. >I don’t think it’s been codified that private key possession or control has >to be demonstrated. All the PKIX cert-enrolment protocols (CMP, CMC, and plain PKCS #10) as well as the non-PKIX SCEP require proof-of-possession in order to deal with these problems. Unfortunately in the PKIX tradition the spec just says "In order to prevent certain attacks" without ever saying what they are. I assume this is ACME that allows a key to be certified without any proof that the entity requesting the certificate controls it? I don't know that any of the PKIX protocols allow it. Peter. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy