Gervase Markham wrote:
You are right - removing CA certs is very, very hard.

Actually, I don't believe that the statement "removing CA certs is hard" is true as a general proposition. When people say this I suspect that they usually mean "removing CA certs associated with major e-commerce sites is hard". But we have on the order of 100 CAs in the default set, and if we look at CA market share (as reported by E-Soft just this past week):


  http://www.securityspace.com/s_survey/sdata/200502/certca.html

we see that once you get past the top six CAs (excluding self-signed certs, which are #4 in the list), no other CA has more than 1% of the market for SSL server certs or more than a thousand or so servers using its certs.

(This also gives an idea of the business prospects for a new CA issuing SSL certs for the public Internet: a few hundred servers times a few hundred dollars US per server per year equals annual revenue of USD 100K to 1M at best. This is not an attractive business proposition IMO. It makes more sense to run a CA as an "add-on" offering to other services, like domain registration, to try to crack other markets beyond SSL servers on the public Internet, or to run a CA as a nonprofit enterprise to serve some public purpose. See also my comments below on the types of new CAs I'm seeing.)

My conclusion is that outside of the top CAs we could remove any CA in our list and the immediate consequences would be pretty limited. (The only exception would be if a major site happened to be using one of these low-market-share CAs, but I suspect most if not all of the major sites just go for a cert from one of the well-known CAs. And according to Nelson at least the major CAs have not been a problem historically, and this may continue to be the case. So in practice any problems we see in terms of "duff certs" may be confined solely to CAs outside the major ones.)

(Incidentally, what I'm seeing in terms of new CAs requesting approval is that many of them are "specialty" CAs that serve a particular geographic area, e.g., the various European and Asian CAs that have applied, or a particular subset of users, e.g., university/research-affiliated CAs.) The geographic CAs are either government-affiliated (e.g., the Staat der Nederlanden CA affiliated with the Dutch government) or are presumably content with trying to achieve a big share of a limited national market (e.g., Unizeto CERTUM in Poland).

I think a more important barrier to removing CAs may be actually finding developers to patch NSS and get those patches into distributed versions of Firefox et al.; this has certainly been an ongoing issue with getting CAs *into* the default set. (And there's also the work of reviewing existing CAs for possible exclusion, which also needs people willing and able to do it.)

Frank

--
Frank Hecker
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto