[cabfpub] Pre-Ballot - Short-Life Certificates

Gervase Markham gerv at mozilla.org
Fri Oct 24 07:00:39 UTC 2014

On 23/10/14 19:20, Rick Andrews wrote:
> Gerv, I'm not sure that forbidding CAs to pre-issue short-lived certs
> is auditable, or even desirable. If an attacker can get in to the
> CA's database and extract information, that CA is in big trouble, not
> specifically related to short-lived certs.

The risk I am attempting to mitigate here is the one of the CA who
pre-issues a whole year's worth of "short-lived" certs with sequential
notBefore dates and passes them on to the customer as a block. If the
customer is then compromised, it's as if the attacker had stolen a cert
of a year's duration with no revocation information, because they can do
exactly what the site was doing, and keep deploying a new one of the
certs every day.

So this is not a concern about CA compromise, but client compromise.

I'm very open to alternative wordings which address this risk.


More information about the Public mailing list