beltzner wrote:
> Well, that and brand loyalty. I think we need to make the CAs more
> publically accountable for their assertions and actions.

While this would be great in theory, I continue to have reservations about the ideas which have so far been suggested to put it into practice. (Perhaps you and Jonathan have better ones :-)

In order for the CAs to be accountable, there have to be negative consequences of their bad actions which they would want to avoid. We, the browser makers, can provide negative consequences by removing their roots (which also has negative consequences for our users) or by revoking their EV status (which has negative consequences for that CA's direct customers, the websites, which is a great improvement on root-yanking, because the CAs will get yelled at rather than us).

However, such negative consequences are provided without too much of the "publically" from your sentence above. "Publically accountable" has, at least in the past, been associated with putting CA names in the chrome. I don't know if that's what you mean, but I find it difficult to imagine a world where the average Internet user has brain space to know about and store reputation information for 20 or 30 CAs - and to modify their behaviour based on that information.

In other words, for CA public accountability to work in this scenario, the following has to happen: user shops at site Foo Corp. User spends half an hour filling their basket. User goes to the checkout, and finds that it's secured by Snake Oil CA. User has a strong enough understanding that Snake Oil CA has a bad reputation that they throw away their basket and go and shop elsewhere.

I can't see that happening.

> Those CAs
> that aren't holding up to their end of the EV bargain should be either
> stripped of their ability to issue EV certs, or suffer brand
> affiliation consequences.

Stripped of their ability, certainly.

Gerv
_______________________________________________
dev-security mailing list
https://lists.mozilla.org/listinfo/dev-security