On 28/12/08 12:13, Kai Engert wrote:

> If we'd like to be strict, we could remove CAs from our approved list if
> they have shown to be non-conforming in the above way.


Yes, we could! But this is what we call a blunt weapon. It is also a dangerous weapon. Consider (all) the consequences in the current case.

First, losses we will incur, regardless:

1. Certs: All end-users who rely on these certs will lose. That probably numbers in the millions. All subscribers will lose, probably in the thousands. The CA will lose; potentially it will lose its revenue stream, or have it sliced in half (say), which is what we would call in business circles a plausible bankruptcy event.

2. Mozo: Mozilla will lose because of all the undelivered security (all those good certs and subscribers and end-users). It may be sued by the CA and the CA's investors and/or the receiver/liquidator for a bad decision.

3. Industry: All other CAs will lose because they will now have to include in their business plans the possibility of a root being dropped by a bad decision.

4. Security will go down, because fewer certs are delivered and in use. (It's hard to calculate the secondary losses here, but not impossible.)

Second, the losses we seek to stop:

1. Against that you can weigh the damages done so far and the harm to protect against. We know it is down to 11 or so certs, all revoked. Therefore, we know that the damage is stopped now, and there is only an unknown window of 11 certs from their issuance to last week.

In practice, this calculates as zero damages, because the likely scenario is that no harmful certs were issued [1].

2. There is the possible benefit to the other CAs as a punishment tool, in the case where the decision is good (see 3. above). There could be a knock-on effect in convincing CAs to tighten their game. However, this needs to be balanced against other costs and loss of certs, and in practice, the dominant factor is this: more certs is more security, fewer certs is less security.

Until we get new info, this is the estimate on the table. Therefore dropping the root will cause large losses, and will stop nothing, in the current case.

The wider policy problem here for Mozilla, for this forum, and for the whole PKI is that no matter which way you analyse it, we've got nothing in the way of a punishment. Stick any numbers you like in the above example, and watch what happens. Removing the root is useless as a punishment. It only has downside, for all. It will likely never happen, and we should stop talking about it.

iang


[1] no harmful certs == unreliable certs issued to people to do bad things. E.g., we ignore false certs that are already controlled.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto