[cabfpub] Pre-Ballot - Short-Life Certificates
gerv at mozilla.org
Fri Oct 24 00:00:39 MST 2014
On 23/10/14 19:20, Rick Andrews wrote:
> Gerv, I'm not sure that forbidding CAs to pre-issue short-lived certs
> is auditable, or even desirable. If an attacker can get in to the
> CA's database and extract information, that CA is in big trouble, not
> specifically related to short-lived certs.
The risk I am attempting to mitigate here is the one of the CA who
pre-issues a whole year's worth of "short-lived" certs with sequential
notBefore dates and passes them on to the customer as a block. If the
customer is then compromised, it's as if the attacker had stolen a cert
of a year's duration with no revocation information, because they can do
exactly what the site was doing, and keep deploying a new one of the
certs every day.
So this is not a concern about CA compromise, but client compromise.
I'm very open to alternative wordings which address this risk.
More information about the Public