On Sun, Nov 10, 2024 at 08:52:49AM -0800, Aaron Gable wrote:
> Thanks for running this important service!
>
> The FAQ points out that the revokinator does not use the standardized ACME
> method for reporting key-compromised certificates. The reason given is that
> the ACME method requires the private key to be online to sign a nonce (i.e.
> to demonstrate, not just assert, compromise), but the revokinator stores
> private keys offline "for security reasons".
>
> Given that these private keys are already compromised, why is the
> revokinator's storage solution so important as to preclude implementing the
> only (as far as I'm aware) IETF-standardized compromise reporting mechanism?

For much the same reason that full-disc isn't the standard way of
reporting software security vulnerabilities.  While the keys are
compromised, in the sense that someone other than the legitimate user of
the key has a copy of them, they aren't necessarily universally known to
every bad actor.

Given that I've got keys that have, at times in the past, been for
certificates with sANs like "*.gov.<ccTLD>", I don't feel it is
appropriate to leave those private keys in a centralised location for
any miscreant with a penchant for network interception to grab en masse
and use as they desire.  Hence, all private keys are stored offline and
encrypted, in a deliberately not-easy-to-access form.

I shall augment the FAQ to make this more clear.

- Matt

-- 
You received this message because you are subscribed to the Google Groups 
"dev-security-policy@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to dev-security-policy+unsubscr...@mozilla.org.
To view this discussion visit 
https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/086afaca-6642-434e-bb92-2406b1414339%40mtasv.net.

Reply via email to