subject:"RE\: KIR S.A. Root Inclusion Request"

Re: KIR S.A. Root Inclusion Request

2014-10-30 Thread Kathleen Wilson


On 10/22/14, 4:02 PM, Kathleen Wilson wrote:

On 9/23/14 5:49 PM, Kathleen Wilson wrote:

Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the “SZAFIR
ROOT CA” root certificate and enable all three trust bits.




Thanks to all of you who have contributed to this discussion.

To summarize the discussion so far, KIR has action items to update their
CPS and CRLs.

Action Item #1: Update CPS to:
A) Clarify steps to confirm the certificate subscriber owns/controls the
domain name to be included in the certificate.
B) Clarify that the same domain control verification is required for SSL
Test Certificates. Or, a preferable solution would be that test
certificates are not issued in this CA hierarchy.
C) Remove the text allowing for 4 hour OCSP downtime
D) Don’t allow certificate suspension for SSL certs
E) Clarify the maximum allowed validity for SSL certs. If it is up to 5
years, then add re-verificatin at least every 39 months, and note that
after April 1, 2015 the BRs no longer allow for 5 year certs.
F) Clarify that archiving is required for 7 years.
G) Clarify that in SSL certificates the EKU can only have
clientAuthentication and serverAuthentication.
H) Clarify plans regarding SHA-1

Action item #2: Update CRL according to one of the following options.
- include a critical IDP in your CRLs to limit their scope, or
- continue to produce full-scope CRLs and make sure that the CRLs
produced by SZAFIR Trusted CA-2011 AND SZAFIR Trusted CA-2014
contain the same revocation information; that is, they both MUST revoke
the certificates produced by SZAFIR Trusted CA-2011+2014, and take the
CRLNumber from the same sequence.


Did I miss anything?

Are there any further questions or comments for KIR before they update
their CPS?

Thanks,
Kathleen




Thanks again to all of you who contributed to this discussion.

I am now closing this discussion, and I will track the action items in 
the bug. Any further follow-up should be added directly to the bug.


https://bugzilla.mozilla.org/show_bug.cgi?id=817994

When I have confirmed completion of the action items, I will start a new 
discussion thread.


Thanks,
Kathleen

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Re: Re: KIR S.A. Root Inclusion Request

2014-10-09 Thread siudarafal

W dniu czwartek, 9 października 2014 02:12:47 UTC+2 użytkownik Erwann Abalea 
napisał:
 Bonsoir,
 
 
 
 Le mardi 7 octobre 2014 13:20:48 UTC+2, siuda...@gmail.com a écrit :
 
  W dniu wtorek, 7 października 2014 00:19:39 UTC+2 użytkownik Erwann Abalea 
  napisał:
 
 
 
  I agree that AKI is not a way to limit scope of CRL.
 
 
 
 Good.
 
 
 
  The problem you noticed concerns building cert path during validation CRL 
  (because CA and CRL are identified by name). Do you think that more 
  applications and browsers are recognizing IDP (and matching between 
  CDP/IDP) than AKI ?? There is no security hole in KIR scanario, because, 
  even if someone will substitute CRL, it will be not verified by higher 
  level CA (wrong signature).
 
 
 
 CA's duty is to produce signed elements (certificates and CRLs) according to 
 RFC5280.
 
 RP's duty is to verify those signed elements according to the same standard.
 
 
 
 Don't mix the two and lower CA's behaviour because you assert that your RP 
 will reduce their checks.
 
 
 
  We have to also remember that AKI must be included in CRL, use od IDP is 
  optional.
 
 
 
 IDP is not optional in KIR scenario, and AKI offers no support here.
 
 
 
 I reproduced a test-case similar to KIR's scenario:
 
  - root CA cert and empty CRL
 
  - sub CA generation1 and generation2 (those are the 2 certificates for 
 the same CA, with the same name, they only differ by their keys)
 
  - sub CA generation1 delivers a certificates for an EE and revokes it, 
 produces a CRL (with AKI) containing this certificate
 
  - sub CA generation2 produces an empty CRL (with AKI)
 
  - EE signs a message
 
  - a relying party tries to validate this message, with complete path 
 validation and CRL checks
 
 
 
 If the relying party is given the CRL produced by Sub CA generation1, the 
 validation fails (certificate is revoked).
 
 If the relying party is given the CRL produced by Sub CA generation2, the 
 validation passes.
 
 AKIs are followed, RFC5280 validation path is followed.
 
 
 
 The relying party software is OpenSSL, which is included in nearly every 
 Linux distrib, along with Mozilla Root CA certificates.
 
 
 
 The sample signed message is at https://kouettland.com/SZAFIR/test.eml
 
 Trust store generation1 is at https://kouettland.com/SZAFIR/verifier1.cacrt
 
 Trust store generation2 is at https://kouettland.com/SZAFIR/verifier2.cacrt
 
 
 
 Run openssl cms -verify -CAfile verifier1.cacrt -crl_check -crl_check_all 
 -extended_crl -in test.eml or openssl cms -verify -CAfile verifier2.cacrt 
 -crl_check -crl_check_all -extended_crl -in test.eml and compare the results.
 
 
 
 Issuing different complete CRLs for the same scope is a security risk, 
 whatever the key used to sign the CRL.

Erwann,
I appreciate your input, but:
1.OpenSSL cant be treated as reference application, as an oracle... OpenSSL 
doesnt support AKI in CRL. Are you sure that will it support IDP ??
What can we found on OpenSSL site: http://www.openssl.org/docs/apps/cms.html# 
in section Bugs: No revocation checking is done on the signer's certificate... 
Check this...Maybe it is not working as it should ?
2. I know, Openssl is great set of crypto primitives, and is in linux dist, but 
in reality - it means nothing...
Mozilla uses its own set of cryptolibraries - JSS/NSS, they dont uses openssl
Redhat in their CA and PKI services, dont uses openssl - they uses Mozilla 
NSS/JSS . They all supports AKI.
Moreover, browsers also doesnt have any problem with correct validation KIR 
certs and CRL
3. KIR scenario, is encountered also in Microsoft PKI, this was also issue 
in Apache MOD SSL:
https://issues.apache.org/bugzilla/show_bug.cgi?id=45708
In this scenario, you also objected against AKI, but Apache solved this bug, 
using AKI, like KIR want. Microsoft also uses AKI, not IDP.
So - rfc5280 says one thing, market revised it and uses AKI, and only AKI.
4. Lets consider OCSP - all responders uses CRL as backbone. What we have in 
OCSP request? AKI. IDP is completely useless.
5. RFC5280, 6.3 CRL validation -read it..- conforming implementations  that 
support CRL are not required to implement this algorithm...
6. I respect standards, but they should serve the market,not in opposite way.


___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Re: Re: KIR S.A. Root Inclusion Request

2014-10-07 Thread siudarafal

W dniu wtorek, 7 października 2014 00:19:39 UTC+2 użytkownik Erwann Abalea 
napisał:
 Bonsoir,
 
 
 
 Le lundi 6 octobre 2014 15:55:24 UTC+2, Certificates a écrit :
 
  Thank you for your clarifications. We analysed it, and we add Authority 
 
  Key Identifier extension to our CRLs. As it it mentioned in s. 5.2.1 RFC 
 
  5280 this extension is  especially useful where an issuer has more than 
 
  one signing key, either due to multiple concurrent key pairs or due to 
 
  changeover.  We based the value of this extension on issuer name and 
 
  serial number. We checked that GoDaddy distinguishes CRLs in the same way.
 
  The CRL for the newer CA certificate is available now here 
 
  http://www.elektronicznypodpis.pl/crl/trusted_ca_2013.crl. CRL for the 
 
  elder CA certificate will be available tomorrow.
 
 
 
 Please read X.509 or RFC5280 again. AKI is not a way to limit the scope of 
 the CRL. AKI is not to be set as a critical extension. AKI is only a helper 
 so the RP can avoid guessing which key signed this object. The RP has 
 absolutely no obligation to follow this helper.
 
 The ONLY RFC5280-compatible extension to reduce the scope of a CRL is the 
 IssuingDistributionPoint.
 
 
 
 GoDaddy distinguishes the CRLs not by their AKI, but by the 
 IssuingDistributionPoint extension, and this extension MUST be critical for 
 its goal to be achieved. BTW, the AKI extension of such partitioned CRLs at 
 GoDaddy is identical on all the CRLs (I checked 
 http://crl.godaddy.com/gds2-{1,...,17}.crl).

Erwann, 
I agree that AKI is not a way to limit scope of CRL.
The problem you noticed concerns building cert path during validation CRL 
(because CA and CRL are identified by name). Do you think that more 
applications and browsers are recognizing IDP (and matching between CDP/IDP) 
than AKI ?? There is no security hole in KIR scanario, because, even if someone 
will substitute CRL, it will be not verified by higher level CA (wrong 
signature).
We have to also remember that AKI must be included in CRL, use od IDP is 
optional. 

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: KIR S.A. Root Inclusion Request

2014-10-03 Thread Erwann Abalea

Le vendredi 3 octobre 2014 10:22:06 UTC+2, Kurt Roeckx a écrit :
 On 2014-10-02 18:53, Erwann Abalea wrote:
 
  Yet, 2 different and incompatible CRLs from the same issuer exist:
 
 [...]
 
  The CRLNumber numbering has been restarted from 1, and the revoked 
  certificates list is different. This is a security problem, and is non 
  compliant to X.509 and RFC5280. An attacker can replace one CRL by another, 
  it will be accepted by a compliant application. This is similar to the 
  PKITS test 4.4.19 (Valid Separate Certificate and CRL Keys Test19).
 
 
 
 At least godaddy is doing this too, they have over 100 CRLs covering the 
 same CA that don't contain the same revoked serial numbers each having 
 it's own counter, each still updated.  The certificates point to 1 of them.

For GoDaddy, the CRLs are limited in their scope, each of these CRLs has a 
critical IssuingDistributionPoint extension. That way, nobody can replace
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: KIR S.A. Root Inclusion Request

2014-10-03 Thread Erwann Abalea

Sorry, left hand kicked the tab key, don't remember what the right hand did but 
it sent the mail... Continuing it.

Le vendredi 3 octobre 2014 19:27:06 UTC+2, Erwann Abalea a écrit :
 Le vendredi 3 octobre 2014 10:22:06 UTC+2, Kurt Roeckx a écrit :
  On 2014-10-02 18:53, Erwann Abalea wrote:
  
   Yet, 2 different and incompatible CRLs from the same issuer exist:
  
  [...]
  
   The CRLNumber numbering has been restarted from 1, and the revoked 
   certificates list is different. This is a security problem, and is non 
   compliant to X.509 and RFC5280. An attacker can replace one CRL by 
   another, it will be accepted by a compliant application. This is similar 
   to the PKITS test 4.4.19 (Valid Separate Certificate and CRL Keys Test19).
  
  At least godaddy is doing this too, they have over 100 CRLs covering the 
  same CA that don't contain the same revoked serial numbers each having 
  it's own counter, each still updated.  The certificates point to 1 of them.
 

For GoDaddy, the CRLs are limited in their scope, each of these CRLs has a 
critical IssuingDistributionPoint extension. That way, nobody can replace 
gds2-17.crl with gds2-18.crl, because the RP will have to check that the 
CRLDP extension in the certificate matches with the IDP extension in the CRL.

There's nothing similar here for SZAKIR. The 2 CRLs are full scope CRLs from 
the same issuer, with 2 different contents.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: ODP: Re: ODP: Re: KIR S.A. Root Inclusion Request

2014-09-30 Thread Matt Palmer

On Tue, Sep 30, 2014 at 01:17:22PM +0200, Certificates wrote:
 We are able to add some additional information to our CPS. In our opinion 
 they should be more general than those in our explanations sent to you. 
 More detailed information are placed in our internal procedures, which are 
 checked by auditors.

Frankly, I don't have a particularly high opinion of the quality of the job
that auditors do on CAs.  The CPS is a Certification *Practice* Statement,
not a Certification *Principles* Statement, and so I think it is reasonable
to expect a description of the practices undertaken in issuing certificates. 
If you believe otherwise, and you're right, then the rest of the members of
this list will presumably be in support your application and you'll be
accepted into the trust store.

- Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: ODP: Re: ODP: Re: KIR S.A. Root Inclusion Request

2014-09-30 Thread Kathleen Wilson


On 9/30/14, 1:40 PM, Matt Palmer wrote:

The CPS is a Certification *Practice* Statement,
not a Certification *Principles* Statement, and so I think it is reasonable
to expect a description of the practices undertaken in issuing certificates.


Matt is correct.

BR section 8.2.1 says: The CA SHALL develop, implement, enforce, and 
annually update a Certificate Policy and/or Certification Practice 
Statement that describes in detail how the CA implements the latest 
version of these Requirements.


https://wiki.mozilla.org/CA:BaselineRequirements#CA_Conformance_to_the_BRs
The CA's CP/CPS must include a reasonable description of the ways the 
CA can verify that the certificate subscriber owns/controls the domain 
name(s) to be included in the certificate.


The more information in the CP/CPS, the better.

Kathleen


___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

ODP: Re: KIR S.A. Root Inclusion Request

2014-09-29 Thread Certificates

On Fri, Sep 26, 2014 at 02:42:05PM +0200, Certificates wrote:
 I don't read the CP (specifically, s2.4) as confirming that the 
Applicant
 controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).
 
 KIR's answer:
 
 To get a SSL certificate client has to provide(CSP s.3.2):

That's presumably supposed to be CPS, not CSP (I noted that error
frequently throughout the documents themselves; you might want to get that
corrected).

KIR's answer:

OK, we'll check it.

 -agreement,
 -order,
 -document confirming rights to the domain .

What valid forms can this document take?  What steps are taken to verify 
or
validate that information?

KIR's answer:

1. Verification of agreement is done by checking if the company exist or 
not. We check it at the public registers, for example for companies 
registered in Poland we check it in register provide by Polish Ministry of 
Justice and Central Registration and Information of Business(
https://ems.ms.gov.pl/krs/wyszukiwaniepodmiotu?t:lb=t, 
https://prod.ceidg.gov.pl/CEIDG/CEIDG.Public.UI/Search.aspx). Based on 
this information we checked if the person who sign agreement and order is 
entitled representative (if the company is in the register, there are also 
information who is entitled representative).
2. To verify an order we do validation in the same way as for the 
agreement and also we check if the data given in order are correct, e.g. 
if the data given in the order concerns the company which signed the 
agreement.

 Identification and authentication includes (CSP s.3.2, 3.2.2, CP s.2.4):
 
 1. verification of agreement (we check if the company exist, who sign 
 agreement, if it is entitled representative),
 2. verification of order (we check who sign order, if it is entitled 
 representative, if the data given in order are correct),
 3. verification whether the client has granted the right to the domain 
(we 
 check who is an owner of the domain);

How is that ownership check performed?

KIR's answer:
For the domain name specified in the order we check at 
http://www.dns.pl/cgi-bin/whois.pl  whether the data presented to the 
domain owner are the same as customer data and the data for the 
certificate indicated in the order and agreement. If they are the same 
operator asks the administrator of the domain to place unique 
identification code supplied by KIR on the server. If the code is placed 
correctly KIR's operator confirms that order is valid and lets to issue 
certificate. He also makes a note in our internal system about how he 
checked validity of the ownership of the given domain.

 4. verification whether the client controls the domain (we ask to place 
 data indicated by KIR on server);
 5. identity of person authorised to represent client (we meet face to 
face 
 with that person).
 
 If it is still unclear in CSP we can make it more clarified.

That would be appreciated.

KIR's answer:
OK

   Note that test cerificates have their own policy's distinguished
   identifier (s 2.5 CP).
  
  Are you asking Mozilla to blacklist certificates marked with that OID 
 from
  being trusted?  If not, the fact that they have such an identifier is
  irrelevant for the purposes of determining trustworthiness.
  
  I am not sure if Mozilla has implemented funcionality like blacklist 
for 
 
  certificates marked with OID. As we can see other CAs do not force 
their 
 
  subscriber to show their ID even during issuing non-test certificates. 

 We 
  check subscribers identity face to face.
 
 That is not clear from the CPS.
 
 KIR's answer:
 
 When issuing test certificate, we check the points 1 -4 listed above, 
and 
 the validy of the renewed certifcate. 

That would be a good clarification to place in the CPS itself.

KIR's answer:
OK

- Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy





Od: Matt Palmer mpal...@hezmatt.org
Do: dev-security-policy@lists.mozilla.org, 
Data:   2014-09-26 22:45
Temat:  Re: KIR S.A. Root Inclusion Request
Wysłane przez:  dev-security-policy 
dev-security-policy-bounces+certificates=kir.com...@lists.mozilla.org



On Fri, Sep 26, 2014 at 02:42:05PM +0200, Certificates wrote:
 I don't read the CP (specifically, s2.4) as confirming that the 
Applicant
 controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).
 
 KIR's answer:
 
 To get a SSL certificate client has to provide(CSP s.3.2):

That's presumably supposed to be CPS, not CSP (I noted that error
frequently throughout the documents themselves; you might want to get that
corrected).

 -agreement,
 -order,
 -document confirming rights to the domain .

What valid forms can this document take?  What steps are taken to verify 
or
validate that information?

 Identification and authentication includes (CSP s.3.2, 3.2.2, CP s.2.4):
 
 1. verification of agreement (we check if the company exist, who sign 
 agreement

ODP: RE: KIR S.A. Root Inclusion Request

2014-09-29 Thread Certificates

For the domain name specified in the order we check at 
http://www.dns.pl/cgi-bin/whois.pl  whether the data presented to the 
domain owner are the same as customer data and the data for the 
certificate indicated in the order and agreement. If they are the same 
operator asks the administrator of the domain to place unique 
identification code supplied by KIR on the server. If the code is placed 
correctly KIR's operator confirms that order is valid and lets to issue 
certificate. He also makes a note in our internal system about how he 
checked validity of the ownership of the given domain.




Od: Jeremy Rowley jeremy.row...@digicert.com
Do: Certificates certifica...@kir.com.pl, 
dev-security-policy@lists.mozilla.org 
dev-security-policy@lists.mozilla.org, 
Data:   2014-09-26 16:16
Temat:  RE: KIR S.A. Root Inclusion Request



I think you should clarify what constitutes a document confirming rights 
to the domain.  Is this authorization from the registrar or registrant? 
Who provides the document?

-Original Message-
From: dev-security-policy [
mailto:dev-security-policy-bounces+jeremy.rowley=digicert@lists.mozilla.org
] On Behalf Of Certificates
Sent: Friday, September 26, 2014 6:42 AM
To: dev-security-policy@lists.mozilla.org
Subject: Re: KIR S.A. Root Inclusion Request

Answers for Matt Palmer questions:

I don't read the CP (specifically, s2.4) as confirming that the Applicant 
controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).

KIR's answer:

To get a SSL certificate client has to provide(CSP s.3.2):

-agreement,
-order,
-document confirming rights to the domain .

Identification and authentication includes (CSP s.3.2, 3.2.2, CP s.2.4):

1. verification of agreement (we check if the company exist, who sign 
agreement, if it is entitled representative), 2. verification of order (we 
check who sign order, if it is entitled representative, if the data given 
in order are correct), 3. verification whether the client has granted the 
right to the domain (we check who is an owner of the domain); 4. 
verification whether the client controls the domain (we ask to place data 
indicated by KIR on server); 5. identity of person authorised to represent 
client (we meet face to face with that person).

If it is still unclear in CSP we can make it more clarified.

  Note that test cerificates have their own policy's distinguished 
  identifier (s 2.5 CP).
 
 Are you asking Mozilla to blacklist certificates marked with that OID
from
 being trusted?  If not, the fact that they have such an identifier is 
 irrelevant for the purposes of determining trustworthiness.
 
 I am not sure if Mozilla has implemented funcionality like blacklist 
 for

 certificates marked with OID. As we can see other CAs do not force 
 their

 subscriber to show their ID even during issuing non-test certificates. 
We 
 check subscribers identity face to face.

That is not clear from the CPS.

KIR's answer:

When issuing test certificate, we check the points 1 -4 listed above, and 
the validy of the renewed certifcate. 

Best regards
Przemyslaw Rawa



Od: Matt Palmer mpal...@hezmatt.org
Do: dev-security-policy@lists.mozilla.org, 
Data:   2014-09-25 22:38
Temat:  Re: KIR S.A. Root Inclusion Request Wysłane przez: 
dev-security-policy 
dev-security-policy-bounces+certificates=kir.com...@lists.mozilla.org



On Thu, Sep 25, 2014 at 03:06:59PM +0200, Certificates wrote:
 Answers for Matt Palmer questions:
 
 On Wed, Sep 24, 2014 at 05:17:02AM -0700, kircertifica...@gmail.com
wrote:
  As you can see above in the same point of CPS:
  
  To receive a certificate it is necessary for the subscriber who is 
  a
 natural person or an authorised
  representative of the recipient of certification services to present:
  1) an identification card (or its photocopy depending on the type of
 certificate);
  2) documents confirming rights to the domain (optionally, relative 
  to
 the certificate type);
  3) a file with the certificate request (if the pair of keys is
generated 
 individually by the subscriber).
  
  In case of test certificates according our CPS we can skip point 1
from
  the above list.  It means that we do not force subscriber to visit 
  our

 RA
  and show his identification card, as we do in case of another kinds 
  of certificates.  But still all other things like agreement, order 
  and documents confirming rights to the domain are verified carefully.
 
 Rights to the domain is indicated there as being optional, and I 
 can't find any indication in the CPS of which certificate types will 
 be domain-validated.  Also, the only place I've found a description of 
 your domain validation practices is at the bottom of CPS s3.2.2, which 
 only mentions having information placed on a server.  My reading of 
 the
e-mail
 communication option is for purposes other than domain validation. 
 Can you confirm that is the case?
 
 CSP s3.2 concerns all type of certificates. Optional, relevant

Re: ODP: Re: KIR S.A. Root Inclusion Request

2014-09-29 Thread Matt Palmer

On Mon, Sep 29, 2014 at 03:41:07PM +0200, Certificates wrote:
 On Fri, Sep 26, 2014 at 02:42:05PM +0200, Certificates wrote:
  -agreement,
  -order,
  -document confirming rights to the domain .
 
 What valid forms can this document take?  What steps are taken to verify 
 or
 validate that information?
 
 KIR's answer:

All of this additional information should be placed in the CPS.

- Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: KIR S.A. Root Inclusion Request

2014-09-26 Thread Certificates

Answers for Matt Palmer questions:

I don't read the CP (specifically, s2.4) as confirming that the Applicant
controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).

KIR's answer:

To get a SSL certificate client has to provide(CSP s.3.2):

-agreement,
-order,
-document confirming rights to the domain .

Identification and authentication includes (CSP s.3.2, 3.2.2, CP s.2.4):

1. verification of agreement (we check if the company exist, who sign 
agreement, if it is entitled representative),
2. verification of order (we check who sign order, if it is entitled 
representative, if the data given in order are correct),
3. verification whether the client has granted the right to the domain (we 
check who is an owner of the domain);
4. verification whether the client controls the domain (we ask to place 
data indicated by KIR on server);
5. identity of person authorised to represent client (we meet face to face 
with that person).

If it is still unclear in CSP we can make it more clarified.

  Note that test cerificates have their own policy's distinguished
  identifier (s 2.5 CP).
 
 Are you asking Mozilla to blacklist certificates marked with that OID 
from
 being trusted?  If not, the fact that they have such an identifier is
 irrelevant for the purposes of determining trustworthiness.
 
 I am not sure if Mozilla has implemented funcionality like blacklist for 

 certificates marked with OID. As we can see other CAs do not force their 

 subscriber to show their ID even during issuing non-test certificates. 
We 
 check subscribers identity face to face.

That is not clear from the CPS.

KIR's answer:

When issuing test certificate, we check the points 1 -4 listed above, and 
the validy of the renewed certifcate. 

Best regards
Przemyslaw Rawa



Od: Matt Palmer mpal...@hezmatt.org
Do: dev-security-policy@lists.mozilla.org, 
Data:   2014-09-25 22:38
Temat:  Re: KIR S.A. Root Inclusion Request
Wysłane przez:  dev-security-policy 
dev-security-policy-bounces+certificates=kir.com...@lists.mozilla.org



On Thu, Sep 25, 2014 at 03:06:59PM +0200, Certificates wrote:
 Answers for Matt Palmer questions:
 
 On Wed, Sep 24, 2014 at 05:17:02AM -0700, kircertifica...@gmail.com 
wrote:
  As you can see above in the same point of CPS:
  
  To receive a certificate it is necessary for the subscriber who is a 
 natural person or an authorised 
  representative of the recipient of certification services to present:
  1) an identification card (or its photocopy depending on the type of 
 certificate);
  2) documents confirming rights to the domain (optionally, relative to 
 the certificate type);
  3) a file with the certificate request (if the pair of keys is 
generated 
 individually by the subscriber).
  
  In case of test certificates according our CPS we can skip point 1 
from
  the above list.  It means that we do not force subscriber to visit our 

 RA
  and show his identification card, as we do in case of another kinds of
  certificates.  But still all other things like agreement, order and
  documents confirming rights to the domain are verified carefully.
 
 Rights to the domain is indicated there as being optional, and I can't
 find any indication in the CPS of which certificate types will be
 domain-validated.  Also, the only place I've found a description of your
 domain validation practices is at the bottom of CPS s3.2.2, which only
 mentions having information placed on a server.  My reading of the 
e-mail
 communication option is for purposes other than domain validation.  Can 
 you
 confirm that is the case?
 
 CSP s3.2 concerns all type of certificates. Optional, relevant to the 
 certificate type means that we don't ask for domain validation for e.g. 

 the standard certificate. We do domain validation for all SSL 
certifcates. 
 More details about process of validation during issuing certificates of 
 all types you can find in CP.

I don't read the CP (specifically, s2.4) as confirming that the Applicant
controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).

  Note that test cerificates have their own policy's distinguished
  identifier (s 2.5 CP).
 
 Are you asking Mozilla to blacklist certificates marked with that OID 
from
 being trusted?  If not, the fact that they have such an identifier is
 irrelevant for the purposes of determining trustworthiness.
 
 I am not sure if Mozilla has implemented funcionality like blacklist for 

 certificates marked with OID. As we can see other CAs do not force their 

 subscriber to show their ID even during issuing non-test certificates. 
We 
 check subscribers identity face to face.

That is not clear from the CPS.

  We reserve itself the right to downtime our OCSP, but it doesn't mean 
 that
  we do it every week during normal working hours.  What is acceptable 
 level
  of service for you?  We can adjust our technical downtime for OCSP.
 
 100%.  OCSP is a fundamental service for a publically-trusted CA to 
 provide. 
 Given

RE: KIR S.A. Root Inclusion Request

2014-09-26 Thread Jeremy Rowley

I think you should clarify what constitutes a document confirming rights to 
the domain.  Is this authorization from the registrar or registrant?  Who 
provides the document?

-Original Message-
From: dev-security-policy 
[mailto:dev-security-policy-bounces+jeremy.rowley=digicert@lists.mozilla.org]
 On Behalf Of Certificates
Sent: Friday, September 26, 2014 6:42 AM
To: dev-security-policy@lists.mozilla.org
Subject: Re: KIR S.A. Root Inclusion Request

Answers for Matt Palmer questions:

I don't read the CP (specifically, s2.4) as confirming that the Applicant 
controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).

KIR's answer:

To get a SSL certificate client has to provide(CSP s.3.2):

-agreement,
-order,
-document confirming rights to the domain .

Identification and authentication includes (CSP s.3.2, 3.2.2, CP s.2.4):

1. verification of agreement (we check if the company exist, who sign 
agreement, if it is entitled representative), 2. verification of order (we 
check who sign order, if it is entitled representative, if the data given in 
order are correct), 3. verification whether the client has granted the right to 
the domain (we check who is an owner of the domain); 4. verification whether 
the client controls the domain (we ask to place data indicated by KIR on 
server); 5. identity of person authorised to represent client (we meet face to 
face with that person).

If it is still unclear in CSP we can make it more clarified.

  Note that test cerificates have their own policy's distinguished 
  identifier (s 2.5 CP).

 Are you asking Mozilla to blacklist certificates marked with that OID
from
 being trusted?  If not, the fact that they have such an identifier is 
 irrelevant for the purposes of determining trustworthiness.

 I am not sure if Mozilla has implemented funcionality like blacklist 
 for

 certificates marked with OID. As we can see other CAs do not force 
 their

 subscriber to show their ID even during issuing non-test certificates. 
We 
 check subscribers identity face to face.

That is not clear from the CPS.

KIR's answer:

When issuing test certificate, we check the points 1 -4 listed above, and the 
validy of the renewed certifcate. 

Best regards
Przemyslaw Rawa

Od: Matt Palmer mpal...@hezmatt.org
Do: dev-security-policy@lists.mozilla.org, 
Data:   2014-09-25 22:38
Temat:  Re: KIR S.A. Root Inclusion Request Wysłane przez:  
dev-security-policy 
dev-security-policy-bounces+certificates=kir.com...@lists.mozilla.org

On Thu, Sep 25, 2014 at 03:06:59PM +0200, Certificates wrote:
 Answers for Matt Palmer questions:

 On Wed, Sep 24, 2014 at 05:17:02AM -0700, kircertifica...@gmail.com
wrote:
  As you can see above in the same point of CPS:

  To receive a certificate it is necessary for the subscriber who is 
  a
 natural person or an authorised
  representative of the recipient of certification services to present:
  1) an identification card (or its photocopy depending on the type of
 certificate);
  2) documents confirming rights to the domain (optionally, relative 
  to
 the certificate type);
  3) a file with the certificate request (if the pair of keys is
generated 
 individually by the subscriber).

  In case of test certificates according our CPS we can skip point 1
from
  the above list.  It means that we do not force subscriber to visit 
  our

 RA
  and show his identification card, as we do in case of another kinds 
  of certificates.  But still all other things like agreement, order 
  and documents confirming rights to the domain are verified carefully.

 Rights to the domain is indicated there as being optional, and I 
 can't find any indication in the CPS of which certificate types will 
 be domain-validated.  Also, the only place I've found a description of 
 your domain validation practices is at the bottom of CPS s3.2.2, which 
 only mentions having information placed on a server.  My reading of 
 the
e-mail
 communication option is for purposes other than domain validation.  
 Can you confirm that is the case?

 CSP s3.2 concerns all type of certificates. Optional, relevant to the 
 certificate type means that we don't ask for domain validation for e.g.

 the standard certificate. We do domain validation for all SSL
certifcates. 
 More details about process of validation during issuing certificates 
 of all types you can find in CP.

I don't read the CP (specifically, s2.4) as confirming that the Applicant 
controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).

  Note that test cerificates have their own policy's distinguished 
  identifier (s 2.5 CP).

 Are you asking Mozilla to blacklist certificates marked with that OID
from
 being trusted?  If not, the fact that they have such an identifier is 
 irrelevant for the purposes of determining trustworthiness.

 I am not sure if Mozilla has implemented funcionality like blacklist 
 for

 certificates marked with OID. As we can see other CAs do

Re: KIR S.A. Root Inclusion Request

2014-09-26 Thread Matt Palmer

On Fri, Sep 26, 2014 at 02:42:05PM +0200, Certificates wrote:
 I don't read the CP (specifically, s2.4) as confirming that the Applicant
 controls the Fully-Qualified Domain Name (as per BR 1.1.9 s.9.2.1).
 
 KIR's answer:
 
 To get a SSL certificate client has to provide(CSP s.3.2):

That's presumably supposed to be CPS, not CSP (I noted that error
frequently throughout the documents themselves; you might want to get that
corrected).

 -agreement,
 -order,
 -document confirming rights to the domain .

What valid forms can this document take?  What steps are taken to verify or
validate that information?

 Identification and authentication includes (CSP s.3.2, 3.2.2, CP s.2.4):
 
 1. verification of agreement (we check if the company exist, who sign 
 agreement, if it is entitled representative),
 2. verification of order (we check who sign order, if it is entitled 
 representative, if the data given in order are correct),
 3. verification whether the client has granted the right to the domain (we 
 check who is an owner of the domain);

How is that ownership check performed?

 4. verification whether the client controls the domain (we ask to place 
 data indicated by KIR on server);
 5. identity of person authorised to represent client (we meet face to face 
 with that person).
 
 If it is still unclear in CSP we can make it more clarified.

That would be appreciated.

   Note that test cerificates have their own policy's distinguished
   identifier (s 2.5 CP).
  
  Are you asking Mozilla to blacklist certificates marked with that OID 
 from
  being trusted?  If not, the fact that they have such an identifier is
  irrelevant for the purposes of determining trustworthiness.
  
  I am not sure if Mozilla has implemented funcionality like blacklist for 
 
  certificates marked with OID. As we can see other CAs do not force their 
 
  subscriber to show their ID even during issuing non-test certificates. 
 We 
  check subscribers identity face to face.
 
 That is not clear from the CPS.
 
 KIR's answer:
 
 When issuing test certificate, we check the points 1 -4 listed above, and 
 the validy of the renewed certifcate. 

That would be a good clarification to place in the CPS itself.

- Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: KIR S.A. Root Inclusion Request

2014-09-25 Thread Certificates

Answers for Matt Palmer questions:

On Wed, Sep 24, 2014 at 05:17:02AM -0700, kircertifica...@gmail.com wrote:
 As you can see above in the same point of CPS:
 
 To receive a certificate it is necessary for the subscriber who is a 
natural person or an authorised 
 representative of the recipient of certification services to present:
 1) an identification card (or its photocopy depending on the type of 
certificate);
 2) documents confirming rights to the domain (optionally, relative to 
the certificate type);
 3) a file with the certificate request (if the pair of keys is generated 
individually by the subscriber).
 
 In case of test certificates according our CPS we can skip point 1 from
 the above list.  It means that we do not force subscriber to visit our 
RA
 and show his identification card, as we do in case of another kinds of
 certificates.  But still all other things like agreement, order and
 documents confirming rights to the domain are verified carefully.

Rights to the domain is indicated there as being optional, and I can't
find any indication in the CPS of which certificate types will be
domain-validated.  Also, the only place I've found a description of your
domain validation practices is at the bottom of CPS s3.2.2, which only
mentions having information placed on a server.  My reading of the e-mail
communication option is for purposes other than domain validation.  Can 
you
confirm that is the case?


CSP s3.2 concerns all type of certificates. Optional, relevant to the 
certificate type means that we don't ask for domain validation for  e.g. 
the standard certificate. We do domain validation for all SSL certifcates. 
More details about process of validation during issuing certificates of 
all types you can find in CP.


 Note that test cerificates have their own policy's distinguished
 identifier (s 2.5 CP).

Are you asking Mozilla to blacklist certificates marked with that OID from
being trusted?  If not, the fact that they have such an identifier is
irrelevant for the purposes of determining trustworthiness.

I am not sure if Mozilla has implemented funcionality like blacklist for 
certificates marked with OID. As we can see other CAs do not force their 
subscriber to show their ID even during issuing non-test certificates. We 
check subscribers identity face to face. Only issuing test cerificate we 
don't ask subscriber for visiting our RA. Below you can find one example 
from CPS of CA which root certificates is inclued in the Mozilla browser:
Registration might require subscriber or a representative authorized by 
the subscriber to personally attend a
registration authority. Nevertheless, CERTUM permits (for specified 
certificate types) sending applications for
registration by mail, electronic mail, WWW sites, etc.; examination of the 
applications does not necessitate a
physical contact with the requester.


 We reserve itself the right to downtime our OCSP, but it doesn't mean 
that
 we do it every week during normal working hours.  What is acceptable 
level
 of service for you?  We can adjust our technical downtime for OCSP.

100%.  OCSP is a fundamental service for a publically-trusted CA to 
provide. 
Given that it can easily be run as a read-only service for a period of 
time
(in your case, up to 24 hours), there is no reason why maintenance cannot 
be
done entirely without interruption.

We maintain OCSP on line 24x7. But 100% availability of is utopia. Even e- 
banking systems have their downtimes. We want to be fair to the user, 
that's why we inform them about possibility of downtime. We can remove 
this 4 hour from CSP.








Krajowa Izba Rozliczeniowa S.A., ul. rtm. W. Pileckiego 65, 02-781 
Warszawa, zarejestrowana w Sądzie Rejonowym dla m. st. Warszawy, XIII 
Wydział Gospodarczy Krajowego Rejestru Sądowego pod nr KRS 113064, NIP 
526-030-05-17, REGON 012105474, kapitał zakładowy i wpłacony 5.445.000 zł.

Informacja zawarta w tej transmisji jest przeznaczona tylko dla osoby lub 
jednostki, do której jest adresowana. Może ona zawierać zastrzeżone i 
poufne informacje i jeżeli to nie Państwo są wskazanym odbiorcą, nie można 
kopiować, rozpowszechniać lub podejmować żadnych czynności w oparciu o 
nią. W przypadku otrzymania tej transmisji przez pomyłkę, proszę 
powiadomić nadawcę za pomocą emaila zwrotnego i usunąć tę transmisję (wraz 
z załącznikami) z Państwa systemu.


The information contained in this transmission is intended only for the 
individual or entity to whom it is addressed. It may contain privileged 
and confidential information and if you are not an indicated recipient, 
you must not copy, distribute or take any action in reliance on it. If 
received in error, please notify the sender by return email and delete his 
transmission (and any attachments) from your system.


___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

RE: KIR S.A. Root Inclusion Request

2014-09-25 Thread Robin Alden

Hi Przemyslaw,

1) Suspension
I can see that it's no problem for a certificate's status as shown in
OCSP or in a CRL (as viewed from outside your organization) to
transition from valid to 'Revoked' as a result of a 'suspension' within
your system.
The problem comes when you try to 'unsuspend'.  You can't transition
back from 'revoked' to valid.

http://www.ietf.org/rfc/rfc5280.txt
3.3.  Revocation
...
An entry MUST NOT be removed
   from the CRL until it appears on one regularly scheduled CRL issued
   beyond the revoked certificate's validity period.

Regards
Robin Alden


 -Original Message-
 From: dev-security-policy [mailto:dev-security-policy-
 bounces+robin=comodo@lists.mozilla.org] On Behalf Of Certificates
 Sent: 25 September 2014 14:03
 To: dev-security-policy@lists.mozilla.org
 Subject: Re: KIR S.A. Root Inclusion Request
 
 Answers for Jeremy Rowley questions:
 
 A couple of notes:
 1) Under Section 3.4 and 4.9, suspension is not permitted for SSL
certs
 under the BRs.
 
 Where the BR forbids certificates suspension? The Repository gives an
 answer revoke for suspended certificate, so it's consistent withe BR
 s13.2.7.
 
 2) Section 3.3 should specify when re-verification is required (at
least
 every 39 months).  Although the CPS does say the original issuance
 process is followed, I didn't this specified at the certificate
lifecycle is 5
 years.  Also, be aware that five year certs are only permitted until
April 1,
 2015. After that, the maximum lifecycle is 39 months
 
 Yes, we know about this requirement. Presently, we do not issue
 certificates above 2 years validity period, although we mentioned such
 possibility in CPS. We do verification both for first certificate and
renewal,
 in particular we verify rights to domain for SSL certificates.
 Our internal procedures describe this process in details.
 
 3) See section 13.1.5 of the BRs for the reasons a CA must revoke a
 certificate.  Section 4.9 of your CPS doesn't really match these.
 
 The reasons for revoking subscriber certificate pointed in CSP
 corresponds to the reasons pointed in BR. But if the connection isn't
clear
 we can clarified it more in CSP by introducing some changes.
 
 
 4) Archiving is required for 7 years under the BRs (5.4.3 and 5.5).
 
 That's a mistake in CPS. We will change it.
 
 5) 6.28 should require at least two individuals acting together to
activate
 the private key
 
 It is done by two persons. It is mentioned in CPS s.6.2.2 that the
secrets
 are distributed among 5 persons.
 CSP s6.2.6. Uploading a private key to cryptographic modules is done
in
 the following situations:
 1)  launch of the certification authority during the system
start-up;
 2)  recovery of the key of the certification authority in the
back-up
 location;
 3)  replacement of the cryptographic module.
 The key is uploaded to the module with the presence of the holders of
 co-shared secrets. To upload the key it is necessary to have the
presence
 of the number of secrets described in Clause 6.2.2. Uploading is done
 within a closed security environment. A private key is made up of
 elements. Parts of the secret key from the cards are provided in
 sequence, enciphered files are uploaded into the module's memory and
 then deciphered. A private key is ready to use. Uploading of the key
into
 the module is recorded in the register of events.
 CSP s.6.2.8 Once uploaded into the module, the key shall be active.
 
 6) Some of your EKU extensions are not permitted in the same
 certificate.
 
 We are aware of it. In the SSL certificates we use only
 clientAuthentication and serverAuthentication.
 
 7) Note the recently announced SHA-2 requirement. SHA-1 is the only
 hash specified in the CPS. 5 year certificates will not be possible.
 
 We are aware of it and we will start issuing certificates with SHA 256
 before this date and also  supplement our CSP accordingly.
 
 8) What is your OCSP response for a not issued cert?
 
 The answer is unknown - CSP s4.9.9.
 
 
 
 
 
 
 
 
 
 
 
 Krajowa Izba Rozliczeniowa S.A., ul. rtm. W. Pileckiego 65, 02-781
 Warszawa, zarejestrowana w Sądzie Rejonowym dla m. st. Warszawy,
 XIII Wydział Gospodarczy Krajowego Rejestru Sądowego pod nr KRS
 113064, NIP 526-030-05-17, REGON 012105474, kapitał zakładowy i
 wpłacony 5.445.000 zł.
 
 Informacja zawarta w tej transmisji jest przeznaczona tylko dla osoby
lub
 jednostki, do której jest adresowana. Może ona zawierać zastrzeżone i
 poufne informacje i jeżeli to nie Państwo są wskazanym odbiorcą, nie
 można kopiować, rozpowszechniać lub podejmować żadnych czynności
 w oparciu o nią. W przypadku otrzymania tej transmisji przez pomyłkę,
 proszę powiadomić nadawcę za pomocą emaila zwrotnego i usunąć tę
 transmisję (wraz z załącznikami) z Państwa systemu.
 
 
 The information contained in this transmission is intended only for
the
 individual or entity to whom it is addressed. It may contain
privileged and
 confidential information and if you

Re: KIR S.A. Root Inclusion Request

2014-09-25 Thread Jeremy . Rowley

If you look under Section 13.2.4, a CA cannot remove an entry from its 
CRLs, meaning there is no way to un-suspend a certificate.


On 9/25/2014 7:03 AM, Certificates wrote:

Answers for Jeremy Rowley questions:

A couple of notes:
1) Under Section 3.4 and 4.9, suspension is not permitted for SSL certs
under the BRs.

Where the BR forbids certificates suspension? The Repository gives an
answer revoke for suspended certificate, so it's consistent withe BR
s13.2.7.

2) Section 3.3 should specify when re-verification is required (at least
every 39 months).  Although the CPS does say the original issuance
process is followed, I didn't this specified at the certificate
lifecycle is 5 years.  Also, be aware that five year certs are only
permitted until April 1, 2015. After that, the maximum lifecycle is 39
months

Yes, we know about this requirement. Presently, we do not issue
certificates above 2 years validity period, although we mentioned such
possibility in CPS. We do verification both for first certificate and
renewal, in particular we verify rights to domain for SSL certificates.
Our internal procedures describe this process in details.

3) See section 13.1.5 of the BRs for the reasons a CA must revoke a
certificate.  Section 4.9 of your CPS doesn't really match these.

The reasons for revoking subscriber certificate pointed in CSP corresponds
to the reasons pointed in BR. But if the connection isn't clear we can
clarified it more in CSP by introducing some changes.


4) Archiving is required for 7 years under the BRs (5.4.3 and 5.5).

That's a mistake in CPS. We will change it.

5) 6.28 should require at least two individuals acting together to
activate the private key

It is done by two persons. It is mentioned in CPS s.6.2.2 that the secrets
are distributed among 5 persons.
CSP s6.2.6. Uploading a private key to cryptographic modules is done in
the following situations:
1)  launch of the certification authority during the system start-up;
2)  recovery of the key of the certification authority in the back-up
location;
3)  replacement of the cryptographic module.
The key is uploaded to the module with the presence of the holders of
co-shared secrets. To upload the key it is necessary to have the presence
of the number of secrets described in Clause 6.2.2. Uploading is done
within a closed security environment. A private key is made up of
elements. Parts of the secret key from the cards are provided in sequence,
enciphered files are uploaded into the module's memory and then
deciphered. A private key is ready to use. Uploading of the key into the
module is recorded in the register of events.
CSP s.6.2.8 Once uploaded into the module, the key shall be active.

6) Some of your EKU extensions are not permitted in the same certificate.

We are aware of it. In the SSL certificates we use only
clientAuthentication and serverAuthentication.

7) Note the recently announced SHA-2 requirement. SHA-1 is the only hash
specified in the CPS. 5 year certificates will not be possible.

We are aware of it and we will start issuing certificates with SHA 256
before this date and also  supplement our CSP accordingly.

8) What is your OCSP response for a not issued cert?

The answer is unknown - CSP s4.9.9.











Krajowa Izba Rozliczeniowa S.A., ul. rtm. W. Pileckiego 65, 02-781
Warszawa, zarejestrowana w Sądzie Rejonowym dla m. st. Warszawy, XIII
Wydział Gospodarczy Krajowego Rejestru Sądowego pod nr KRS 113064, NIP
526-030-05-17, REGON 012105474, kapitał zakładowy i wpłacony 5.445.000 zł.

Informacja zawarta w tej transmisji jest przeznaczona tylko dla osoby lub
jednostki, do której jest adresowana. Może ona zawierać zastrzeżone i
poufne informacje i jeżeli to nie Państwo są wskazanym odbiorcą, nie można
kopiować, rozpowszechniać lub podejmować żadnych czynności w oparciu o
nią. W przypadku otrzymania tej transmisji przez pomyłkę, proszę
powiadomić nadawcę za pomocą emaila zwrotnego i usunąć tę transmisję (wraz
z załącznikami) z Państwa systemu.


The information contained in this transmission is intended only for the
individual or entity to whom it is addressed. It may contain privileged
and confidential information and if you are not an indicated recipient,
you must not copy, distribute or take any action in reliance on it. If
received in error, please notify the sender by return email and delete his
transmission (and any attachments) from your system.


___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
.



___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: KIR S.A. Root Inclusion Request

2014-09-24 Thread kircertificates

As you can see above in the same point of CPS:

To receive a certificate it is necessary for the subscriber who is a natural 
person or an authorised 
representative of the recipient of certification services to present:
1) an identification card (or its photocopy depending on the type of 
certificate);
2) documents confirming rights to the domain (optionally, relative to the 
certificate type);
3) a file with the certificate request (if the pair of keys is generated 
individually by the subscriber).

In case of test certificates according our CPS we can skip point 1 from the 
above list. It means that we do not force subscriber to visit our RA and show 
his identification card, as we do in case of another kinds of certificates. But 
still all other things like agreement, order and documents confirming rights to 
the domain are verified carefully. Note that test cerificates have their own 
policy's distinguished identifier (s 2.5 CP). 

We reserve itself the right to downtime our OCSP, but it doesn't mean that we 
do it every week during normal working hours. What is acceptable level of 
service for you? We can adjust our technical downtime for OCSP.


On Wednesday, September 24, 2014 6:02:15 AM UTC+2, Matt Palmer wrote:
 One thing leaps out at me immediately: these test certificates.  They
 
 appear to be issued from the same CA as the regular certificates, but s3.2
 
 states, In case of test certificates they may be issued remotely *without
 
 the necessity to verify the subscriber's identity.  That seems... bad. 
 
 *Really* bad.
 
 
 
 I'm also a little concerned about the last sentence of s4.9.9 (dealing with
 
 OCSP responders) -- at least, I'm assuming that italics sentence in the
 
 header of 4.9.10 isn't supposed to be a header.  I don't think that being
 
 able to take down your OCSP service for fours hours every week really
 
 constitutes an acceptable level of service.
 
 
 
 - Matt
 
 
 
 On Tue, Sep 23, 2014 at 05:49:17PM -0700, Kathleen Wilson wrote:
 
  Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the
 
  SZAFIR ROOT CA root certificate and enable all three trust bits.
 
  
 
  KIR S.A. is a private corporation in Poland which currently mainly
 
  issues qualified certificates for general public and plans to issue
 
  non-qualified certificates (e.g. SSL certificates). KIR S.A. is an
 
  automated clearing house in Poland and its core business is
 
  clearings, and has built numerous business relationships within
 
  banking sector. Therefore, KIR S.A. is aiming to expand its sales in
 
  services such as SSL and VPN certificates. KIR S.A. has another line
 
  of products called PayByNet, and has created a vast network of
 
  relationships within online stores that KIR S.A. can leverage to
 
  create customer base for trusted non-qualified certificates.
 
  
 
  The request is documented in the following bug:
 
  https://bugzilla.mozilla.org/show_bug.cgi?id=817994
 
  
 
  And in the pending certificates list:
 
  http://www.mozilla.org/projects/security/certs/pending/
 
  
 
  Summary of Information Gathered and Verified:
 
  https://bugzilla.mozilla.org/attachment.cgi?id=8441701
 
  
 
  Noteworthy points:
 
  
 
  * The primary documents, the CP and CPS, are provided in both
 
  English and Polish.
 
  
 
  Document Repository:
 
  http://elektronicznypodpis.pl/en/information/documents-and-agreements
 
  CPS: 
  http://www.elektronicznypodpis.pl/files/doc/certification_practice_statement.pdf
 
  CP: http://elektronicznypodpis.pl/files/doc/certification_policy.pdf
 
  
 
  * CA Hierarchy: There is currently one internally-operated
 
  subordinate-CA which issues 6 types of end-user certificates:
 
  - Standard certificate - For protection of information sent
 
  electronically, using mainly e-mail, for authorizing access to
 
  systems, customer authentication in SSL connections. It allows
 
  signing and encrypting data in an electronic form and authenticating
 
  subscribers.
 
  - Code signing certificate
 
  - VPN certificate
 
  - SSL certificate
 
  - Test certificate - For testing co-operation of the certificate
 
  with solutions used or developed by a recipient of certification
 
  services or a subscriber.
 
  - ELIXIR certificate - For protecting information sending within
 
  ELIXIR and EuroELIXIR systems. This kind of certificates are issued
 
  only for Participants of ELIXIR and EuroELIXIR systems.
 
  
 
  * The request is to enable all three trust bits.
 
  
 
  ** CPS section 3.2, Initial Identity Validation: Depending on the
 
  type of certificate the procedure of certificate issuance may be
 
  different and is relative to a specific certification policy.
 
  To receive a certificate it is necessary for the subscriber who is a
 
  natural person or an authorised representative of the recipient of
 
  certification services to present:
 
  1) an identification card (or its photocopy depending on the type of
 
  certificate);
 
  2) documents confirming

Re: KIR S.A. Root Inclusion Request

2014-09-23 Thread Matt Palmer

One thing leaps out at me immediately: these test certificates.  They
appear to be issued from the same CA as the regular certificates, but s3.2
states, In case of test certificates they may be issued remotely *without
the necessity to verify the subscriber's identity.  That seems... bad. 
*Really* bad.

I'm also a little concerned about the last sentence of s4.9.9 (dealing with
OCSP responders) -- at least, I'm assuming that italics sentence in the
header of 4.9.10 isn't supposed to be a header.  I don't think that being
able to take down your OCSP service for fours hours every week really
constitutes an acceptable level of service.

- Matt

On Tue, Sep 23, 2014 at 05:49:17PM -0700, Kathleen Wilson wrote:
 Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the
 “SZAFIR ROOT CA” root certificate and enable all three trust bits.
 
 KIR S.A. is a private corporation in Poland which currently mainly
 issues qualified certificates for general public and plans to issue
 non-qualified certificates (e.g. SSL certificates). KIR S.A. is an
 automated clearing house in Poland and its core business is
 clearings, and has built numerous business relationships within
 banking sector. Therefore, KIR S.A. is aiming to expand its sales in
 services such as SSL and VPN certificates. KIR S.A. has another line
 of products called PayByNet, and has created a vast network of
 relationships within online stores that KIR S.A. can leverage to
 create customer base for trusted non-qualified certificates.
 
 The request is documented in the following bug:
 https://bugzilla.mozilla.org/show_bug.cgi?id=817994
 
 And in the pending certificates list:
 http://www.mozilla.org/projects/security/certs/pending/
 
 Summary of Information Gathered and Verified:
 https://bugzilla.mozilla.org/attachment.cgi?id=8441701
 
 Noteworthy points:
 
 * The primary documents, the CP and CPS, are provided in both
 English and Polish.
 
 Document Repository:
 http://elektronicznypodpis.pl/en/information/documents-and-agreements
 CPS: 
 http://www.elektronicznypodpis.pl/files/doc/certification_practice_statement.pdf
 CP: http://elektronicznypodpis.pl/files/doc/certification_policy.pdf
 
 * CA Hierarchy: There is currently one internally-operated
 subordinate-CA which issues 6 types of end-user certificates:
 - Standard certificate - For protection of information sent
 electronically, using mainly e-mail, for authorizing access to
 systems, customer authentication in SSL connections. It allows
 signing and encrypting data in an electronic form and authenticating
 subscribers.
 - Code signing certificate
 - VPN certificate
 - SSL certificate
 - Test certificate - For testing co-operation of the certificate
 with solutions used or developed by a recipient of certification
 services or a subscriber.
 - ELIXIR certificate - For protecting information sending within
 ELIXIR and EuroELIXIR systems. This kind of certificates are issued
 only for Participants of ELIXIR and EuroELIXIR systems.
 
 * The request is to enable all three trust bits.
 
 ** CPS section 3.2, Initial Identity Validation: Depending on the
 type of certificate the procedure of certificate issuance may be
 different and is relative to a specific certification policy.
 To receive a certificate it is necessary for the subscriber who is a
 natural person or an authorised representative of the recipient of
 certification services to present:
 1) an identification card (or its photocopy depending on the type of
 certificate);
 2) documents confirming rights to the domain (optionally, relative
 to the certificate type);
 3) a file with the certificate request (if the pair of keys is
 generated individually by the subscriber).
 KIR S.A. may expect presentation of other documents, in case
 entering data other than the subscriber's first name and surname and
 the PESEL or NIP number into the certificate is requested.
 
 ** CPS section 3.2.2: Identification and authentication of entities
 other than a natural person is the case when data of such entity is
 included in the data for the certificate for the issuance of which
 it applies to KIR S.A., or data included in the certificate contains
 information about such entity, e.g. the name of the Internet domain.
 Depending on the type of certificate, identification shall be
 performed on the basis of documents sent by the recipient of
 certification services or data disclosed in the Agreement and in the
 order.
 The manner of confirming such data depends on the type of
 certificate. For this purpose KIR S.A. may request sending
 additional documents, check the data of the recipient of
 certification services in commonly accessible registers and
 services, obtain a card of signatures of persons authorised to
 represent the recipient of certification services.
 Issuance of the certificate may also require a personal meeting of a
 person authorised to represent a specific entity with an authorised
 representative of KIR S.A.
 Wishing to

Re: KIR S.A. Root Inclusion Request

Re: Re: Re: KIR S.A. Root Inclusion Request

Re: Re: Re: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

Re: ODP: Re: ODP: Re: KIR S.A. Root Inclusion Request

Re: ODP: Re: ODP: Re: KIR S.A. Root Inclusion Request

ODP: Re: KIR S.A. Root Inclusion Request

ODP: RE: KIR S.A. Root Inclusion Request

Re: ODP: Re: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

RE: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

RE: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

Re: KIR S.A. Root Inclusion Request

18 matches

Site Navigation

Mail list logo

Footer information