Frank Hecker wrote:
...

The second method requires the users to grow their awareness of CAs
(of which they know nothing today).  It also requires more window
real-estate.  But it keeps MF out of the judgment business, which is
a business that MF seems particularly loath to do.


I think you're mischaracterizing the MF position (which is really not the MF's position, at least not yet, but rather mine). I am not averse at all to having the MF make judgements. My position is rather that the judgements have to be based on some reasonable set of criteria that a) can be justified in terms of reducing security risks to users; and b) reflect the reality of how CAs operate today and are likely to operate in the future.


I'd add to that c) can be justified in terms of the risks
that MF takes on by making those judgements.


Now, I want to summarize this.  IMO, it turns out that COST has been the
only factor responsible for the apparent success of PKI, having kept the
issuers of duff certs out, and having allowed the issuers of good certs
in.  It wasn't the WebTrust criteria that kept them out, it wasn't the
ETSI TS 101, it wasn't nosy auditors, it was cost.


This is a perfectly legitimate argument IMO: Costs artificially imposed by browser vendors (e.g., requiring payments for inclusion, or requiring costly audits) have been barriers of entry to the CA market that had the effect of keeping out potential entrants who were judged inferior in some way (didn't know how to issue technically correct certs, didn't follow good practices, etc.).

I think the one hole in the argument is that incumbents in the market are now motivated to offer products like "control of domain" certs that are issued according to less stringent policies. (Because after all commercial CAs are businesses, not charities, and they have to grow the business in order to satisfy shareholders and continue to pay for all those experienced professionals, CA audits, etc.) And this in turn reduces the perceived gap between such incumbents and the other CAs.


I'm not sure it is fair to characterise CAs
as only commercial.  CACert is not, and as I
wrote earlier, I found the process of being
"inducted" by them a far more daunting one
than the systems used by commercial CAs.

Also, some CAs are quangos.  This tends to
occur when a "banking" style pervades in a
given country.  Then, a CA tends to be operated
as a single operation wholly owned by big
organisations that are regulated and thus the
CA tends to be regulated.  This removes their
profit motive, even if they are constituted as
a for-profit company.

Now, in such a scenario, it is somewhat restrictive
to think in terms of money as the barrier.  It's
certainly an observation that money can be a barrier,
but it can also be a destroyer.  (I used to live
next door to a TLD that was run for free and well
governed.  Money came along and destroyed it....)


Perhaps cost has also kept out some potential issuers of good certs.
That is unfortunate. But in the security business, I think we have to
err on the side of caution, on the side of security. This isn't
"innocent until proven guilty". This is "untrusted until established
as trustworthy". The only value that PKI/crypto offers is trustworthiness.
If we lose that, we've lost the war.


Existing CAs already issue "control of domain" certificates that don't involve strong identity checking, and IE, Firefox, etc., already "trust" those CAs and certs. So is the war lost, or not?


This is the bit I don't get.  We are in a situation
of being able to acquire practically any cert we
want whenever we want.  (With a bit of skulduggery
of course, but polite thieves don't talk about that.)

So surely the pressing need is to *improve* that
situation ... by preparing the browser with additional
defences?  No?


> Did Netscape have such requirements?

No, they required $$$$.  Ever notice how the supply of PSM developers
ended at about the same time as the trusted CA money stopped?  Hmmm.


Are you suggesting that the MF charge CAs money and use it to hire PSM developers? :-)


If MF is in the judgement business, I would say that
MF should definitely charge money.  As MF is now
implicitly in the judgement business by dint of
inheritance from Netscape, the current set of CAs may
have a backdated invoice coming .... unless the policy
changes along the lines of an objective, no-judgement
basis.

Netscape were able to get away with not explicitly
accounting for the risks they were taking on by being
a big company with a big balance sheet.  It isn't
necessary to account for all risks, as long as the
balance sheet covers it.  MF has no such easy ride.

It might well be a good idea to go back to the early
emails and internal memoranda to determine what
Netscape actually said about the risk of accepting
a CA into the root list.  I gather the $$$$ was quite
large, so maybe they simply said "that should cover it."

iang
--
News and views on what matters in finance+crypto:
        http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto