> My understanding is that neither the BRs nor any Root Program require that
> the subordinate CA key be weaker or equal in strength to the issuing CA's
> key.
>
> Additionally, such a requirement would prohibit cross-signs where a "legacy"
> root with a smaller key size would certify a new root CA with a stronger key.
> For that reason, this illustrative control seems problematic.
>
Thanks, Corey. I also see it as problematic, but I've been seeing other root programs (i.e. Spanish Government) enforcing this rule, so I'd like to understand if it's a "best practice" or a rule, and, in particular, if it's a rule to be respected for TLS-oriented hierarchies.

P

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
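The "illustrative control" the thread is debating, as an added example that is not part of the thread or of any root program's tooling: a Go check (function and certificate names are assumptions, and the CA certificates are constructed test data generated in-process) that flags a CA certificate whose RSA key is longer than the key of the CA that signed it. Run against a legacy RSA-2048 root cross-signing an RSA-3072 root, it fires, which is exactly the legitimate cross-sign case Corey points out the rule would prohibit.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// SubordinateStrongerThanIssuer is the control under discussion: it reports
// true when the certified CA key is longer than the key that signed it.
// Assumption: only RSA/RSA pairs are compared, by modulus length in bits.
func SubordinateStrongerThanIssuer(issuer, sub *x509.Certificate) (bool, error) {
	if err := sub.CheckSignatureFrom(issuer); err != nil {
		return false, fmt.Errorf("not signed by that issuer: %w", err)
	}
	ik, iok := issuer.PublicKey.(*rsa.PublicKey)
	sk, sok := sub.PublicKey.(*rsa.PublicKey)
	if !iok || !sok {
		return false, fmt.Errorf("only RSA/RSA pairs are compared by modulus length")
	}
	return sk.N.BitLen() > ik.N.BitLen(), nil
}

// newCA builds a constructed RSA CA certificate: self-signed when parent is
// nil, otherwise cross-signed by parent. Test data, not a real hierarchy.
func newCA(cn string, bits int, parent *x509.Certificate, parentKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(int64(bits)), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	signer, signerKey := tmpl, key
	if parent != nil {
		signer, signerKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}
```

Called as `newCA("Legacy Root", 2048, nil, nil)` and then `newCA("New Root", 3072, legacy, legacyKey)`, `SubordinateStrongerThanIssuer(legacy, newRoot)` returns true, while the ordinary direction (a 3072-bit issuer signing a 2048-bit subordinate) returns false.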