Matthew Hardeman wrote: > On Wednesday, December 13, 2017 at 5:52:16 PM UTC-6, Peter Gutmann wrote: >> In all of these cases, the device is going to be a safer place to generate >> keys than the CA, in particular because (a) the CA is another embedded >> controller somewhere so probably no better than the target device and (b) >> there's no easy way to get the key securely from the CA to the device. > > Agreed, as I mentioned the secure transport aspect is essential for > remote key generation to be a secure option at any level.
I have strong doubts that all these Internet-of-shitty-things manufactures will get ever anything like this right. I agree with Peter: Private key generation is the least you have to worry about when using such devices. Also I'm seriously concerned that if the policy is changed to allow CA-side key generation and this gets adopted, the CAs will be forced to implement key escrow disclosing keys to <name-any-interested-party-here>. => Mozilla policy *shall not* be changed to allow CAs to generate the end entities' keys. (The only reasonable use-case for a CA generating the private keys is to ensure that they are immediately stored in a secure device. But that's not really applicable in this broad use-case.) Ciao, Michael. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy