On Mon, Sep 19, 2022 at 1:44 PM Ben Wilson <[email protected]> wrote:
> Here is another option (deleting the other MRSP language previously > proposed): > > Section 7.4 “Root CA Life Cycles” > > Root CA certificates included in the Mozilla root store will be distrusted > when their CA key material is over 15 years old. The date of CA key > material generation SHALL be determined by reference to the auditor’s key > generation ceremony report. For key material generated before July 1, 2012, > Mozilla will assume that the key material was generated on the “Valid From” > date in the root CA certificate. For transition purposes, root CA > certificates in the Mozilla root store will be distrusted according to the > following schedule: > > Key Material Created > > Distrust Date > > Before January 1, 2006 > > April 15, 2025 > > 2006-2007 > > April 15, 2026 > > 2008-2009 > > April 15, 2027 > > 2010-2011 > > April 15, 2028 > > 2012- April 14, 2014 > > April 15, 2029 > > April 15, 2014 - present > > 15 years from creation > > This schedule is subject to change if the underlying algorithms become > more susceptible to cryptanalytic attack. > > CA operators MUST apply to Mozilla for inclusion of their next generation > root certificate at least 2 years before the Distrust Date above. > > Thoughts? > I think "cryptanalytic attack" may be a bit too narrow. I think you should consider widening the spectrum of attacks. What if unexpected advancements in hardware make it feasible to attack a key using existing algorithms? Or, what if the cost of power drops significantly so that powering the hardware is no longer a concern? Jeff -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAH8yC8%3D4UChsnCPx4Jqi%2BDZR6qJ%3DRt4%2ByZ9R5YfiZFs6i1CGHw%40mail.gmail.com.
