Someone has recently suggested to me that one of the CAs now included in Mozilla's list of trusted root CAs actually has the practice of generating key pairs (including the private key) for their subscribers and delivering the private key and associated cert chain to the subscriber in a PKCS12 file.
Of course, this means that the subscribers are not the only holders of their private keys, and so they never have assurance that anything sent encrypted to them is truly private between the sender and themselves. Likewise, they cannot be certain that only they have signed documents verifiable with their certified public key.
Do we really want to allow this? Should this at least be a question that CAs must answer as they apply for cert inclusion or EV status upgrades?
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto

