[cabfpub] [cabfman] Improving the security of EV Certificates
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Wed Dec 18 19:52:45 UTC 2013
On 12/18/2013 08:11 PM, From Ryan Sleevi:
>
> Auditors are not equivalent to site operators. Site operators carry
> great risk in pinning and getting it right
Site operators don't do pinning I guess...
>
> Pinning offers the ability for anyone, without risk to their
> operational capability, to look to examine for misissuance - past or
> present.
I think you meant something else here...
>
> Every single public CA security incident we have seen in the past 3
> years would have been detected immediately from a system like CT.
Maybe...it's just another layer really.
> Trustwave, Diginotar, Turktrust, and most recently, ANSSI were all
> detected through luck and vigilance, and only because they happened to
> affect a large site whose engineers are using every means capable to
> them to attempt to detect such mis-issuance.
I assume it was detected because said large site also produces a browser
and used pinning to detect it.
>
> For all we know, there may be thousands of other misissuances from
> existing CAs
Probably exaggerated, but there might be a couple more...
> CT makes it possible for anyone - from Joe Schmo on the street with
> his $10 certificate, to the multi-billion dollar multi-national with
> engineers committed to dealing with just this issue - to detect
> misissuance.
It gives the potential, yes. Pinning could do the same...
>
> I think you're pretty grossly understating the benefit here.
>
>
>> IMO pinning can achieve the same way cheaper (for me). And again,
>> if we could combine revocation for example, the benefit would be
>> much bigger and trade off the expenses/efforts...
>
>
> Assume the cost of pinning is $100/year/site.
How did you arrive at that sum? Pinning shouldn't really cost anything
once the code is in the browsers. I also assume that code changes for CT
wouldn't be any cheaper than that.
> Assume the cost of CT is $10,000/year/CA.
And you vastly underestimate that. My over-the-top calculation looks
fairly different - for a CA budgeting more tightly than others, this
could be a game changer.
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>