On Sun, Nov 10, 2024 at 08:52:49AM -0800, Aaron Gable wrote: > Thanks for running this important service! > > The FAQ points out that the revokinator does not use the standardized ACME > method for reporting key-compromised certificates. The reason given is that > the ACME method requires the private key to be online to sign a nonce (i.e. > to demonstrate, not just assert, compromise), but the revokinator stores > private keys offline "for security reasons". > > Given that these private keys are already compromised, why is the > revokinator's storage solution so important as to preclude implementing the > only (as far as I'm aware) IETF-standardized compromise reporting mechanism?
For much the same reason that full-disc isn't the standard way of reporting software security vulnerabilities. While the keys are compromised, in the sense that someone other than the legitimate user of the key has a copy of them, they aren't necessarily universally known to every bad actor. Given that I've got keys that have, at times in the past, been for certificates with sANs like "*.gov.<ccTLD>", I don't feel it is appropriate to leave those private keys in a centralised location for any miscreant with a penchant for network interception to grab en masse and use as they desire. Hence, all private keys are stored offline and encrypted, in a deliberately not-easy-to-access form. I shall augment the FAQ to make this more clear. - Matt -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/086afaca-6642-434e-bb92-2406b1414339%40mtasv.net.