On 2020-11-14 5:01 π.μ., Ryan Sleevi wrote:
I believe it's possible to do, with the original language, but this requires the CA to proactively take steps to address that in their CP/CPS. That is, I think it'd be reasonable for an auditor to conclude that, if a CA stated "We do X, Y, Z" in our CP/CPS, then doing "A, B, or C" without it being listed in their CP/CPS first would be an issue. I believe that is the concern you're raising, if I understood you correctly.

Exactly, and the first proposed language by Ben, doesn't seem to allow the CA to include language to support "and any other method". This is not like the Domain or IP Address Validation methods where "any other method" was considered a bad thing. This is a case where we should welcome additional acceptable methods for third-parties to demonstrate their control of compromised keys.


The way to address that, and what I think is a good goal, is to get it to be "We do X, Y, Z, and any other method", ideally, when CAs make the update in response to the new policy. As situations come up on a case by case basis, the CA can deal with the issue without any update required first. If any CA updates their CP/CPS without also adding "and any other method" in response to the new policy, we can then clarify whether they're intentionally stating they'll reject anything, or whether it was an oversight, and like you, they want extra flexibility because they want to go "above and beyond" as needed.

However, I also want to make sure that any formally accepted method of proof is documented in the CP/CPS. So if the CA formalizes A and B as routine operations, they will update their CP/CPS to state "We do X, Y, Z, A, B, and any other method". This makes it clear which are the guaranteed methods they promise to accept, as well as that exceptions are recognized as necessary, and they will be accepted and dealt with.

I think we're in agreement here, and I already stated that in a previous reply.

"For CAs that want to do the right thing with this flexibility, the original language Ben proposed seems to be problematic, which is why I highlighted it in the discussion. The updated language keeps all the "good" things from the original language, and allows the CA to accept a reporting method that they may have not considered. Obviously, the logical thing is that once this new method is accepted, the CPS should be updated to include that additional method but that might take place later, after the report was accepted and certificates revoked."

We could make the language even stricter so that if a CA accepts new methods to demonstrate key compromise not mentioned in their CPS, they should include the details of these new methods in an upcoming CPS update (although I consider this redundant because this is IMO the normal way of doing things). Since CAs are required to perform this update task at least once a year, this information will eventually end up in their CPS.

I will reply to Peter's post separately why I think invoking that particular revocation reason is IMO not such a good idea.


Dimitris.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to