On Wed, 2010-04-07 at 05:17 +0300, Eddy Nigg wrote: > On 04/07/2010 05:01 AM, Matt McCutchen: > > But I do want to allow many more people to have their own sub-CAs, > > unless there is an actual technical reason why it is a bad idea, in > > which case I am hoping you will tell me. > > Yes, for example do all potential client software enforce > name-constraining?
No. But since the name constraint extension is critical, client software that does not support name constraints is required to reject the intermediate certificate, which is safe. If client software accepts the certificate but does not properly enforce the name constraints (e.g., NSS bug 394919), that is the client software's vulnerability. CAs could start doing as I propose today. NSS users would be vulnerable and, strictly speaking, it would be their own fault. Users of client software that does not support name constraints (MSIE?) would be completely unaffected since their software would reject all the new sub-CAs. > How are the keys secured? Are the sub CAs going to > be audited (including site visit) as the root CA? How are the validation > requirements enforce? And a couple of more such questions... This is not an issue. The name constraint makes it impossible for a domain registrant to issue a certificate that validates for a server name outside that domain. Hence, anything bad I do with my intermediate certificate could only hurt me as registrant of mattmccutchen.net. -- Matt -- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
