On Thu, 12 Nov 2020 15:51:55 -0500
Ryan Sleevi via dev-security-policy
<dev-security-policy@lists.mozilla.org> wrote:

> I would say the first goal is transparency, and I think that both
> proposals try to accomplish that baseline level of providing some
> transparency. Where I think it's different is that the concern
> Dimitris raised about "minimums", and the proposed language here, is
> that it discourages transparency. "We accept X or Y", and a secret
> document suggesting "We also accept Z", makes it difficult to
> evaluate a CA on principle.

[...]

> Yes, this does mean they would need to update their CP/CPS as they
> introduce new methods, but this seems a net-positive for everyone.

I think the concern about defining these other than as minimums is
scenarios in which it's clear to us that key compromise has taken place
but your preferred policy forbids a CA from acting on that knowledge on
the grounds that doing so isn't "transparent" enough for your liking
because their policy documents did not spell out the method which
happened to be used.

The goal of this policy change is to avoid the situation where a
researcher has one or more compromised keys and, rather than being able
to quickly and securely set in motion the process of revoking relevant
certificates and forbidding more being issued they end up in a game of
telephone (perhaps literally) with a CA because its policies are
unclear or unworkable.

You seem to anticipate a quite different environment in which "secret
documents" are used to justify revocations which you presumably see as
potentially illegitimate. I haven't seen any evidence of anything like
that happening, or of anybody seeking to make it happen - which surely
makes a Mozilla policy change to try to prevent it premature.


Nick.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
  • Policy 2.7.1:MRSP Issue #20... Ben Wilson via dev-security-policy
    • Re: Policy 2.7.1:MRSP ... Dimitris Zacharopoulos via dev-security-policy
      • Re: Policy 2.7.1:M... Ben Wilson via dev-security-policy
        • Re: Policy 2.7... Dimitris Zacharopoulos via dev-security-policy
        • Re: Policy 2.7... Ryan Sleevi via dev-security-policy
          • Re: Policy... Nick Lamb via dev-security-policy
            • Re: P... Ryan Sleevi via dev-security-policy
              • R... Nick Lamb via dev-security-policy
                • ... Ryan Sleevi via dev-security-policy
                • ... Nick Lamb via dev-security-policy
                • ... Ryan Sleevi via dev-security-policy
                • ... Peter Bowen via dev-security-policy
                • ... Ryan Sleevi via dev-security-policy
                • ... Dimitris Zacharopoulos via dev-security-policy
                • ... Ryan Sleevi via dev-security-policy
                • ... Dimitris Zacharopoulos via dev-security-policy

Reply via email to