> Hi Nils, 
> 
> This is interesting, but unfortunately, doesn’t work. The 4-certificate 
> hierarchy makes the very basic, but understandable, mistake of assuming the 
> Root CA revoking the SICA is sufficient, but this thread already captures 
> why it isn’t. 
> 
> Unfortunately, as this is key to the proposal, it all falls apart from 
> there, and rather than improving security, leads to a false sense of it. To 
> put more explicitly: this is not a workable or secure solution.

Hello Ryan, 

We agree that revoking SICA would not be sufficient and we mentioned that in 
section 2.3 in the above message. 

The new solution described in section 2.3 not only proposes to revoke SICA 
(point (iv)) but also to revoke ICA (point (ii)) in the 4-level hierarchy (RCA 
-> ICA -> SICA -> EE). 

We believe this makes a substantial difference. 

Nils
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
