[cabfpub] Private key control
Ryan Sleevi
sleevi at google.com
Fri Oct 24 17:00:22 UTC 2014
That wasn't what I asked.
On Oct 24, 2014 9:57 AM, "Ben Wilson" <ben.wilson at digicert.com> wrote:
> The requirement it fills is RFC 3647 section 4.3.2.1 (section 3.2.1),
> unless we want to say “No stipulation”. Bruce should talk with Santosh
> Chokhani who wrote the RFC and see what he says.
>
>
>
> *From:* Ryan Sleevi [mailto:sleevi at google.com]
> *Sent:* Friday, October 24, 2014 10:50 AM
> *To:* Ben Wilson
> *Cc:* Jeremy Rowley; Bruce Morton; Rick Andrews; CABFPub
> *Subject:* Re: [cabfpub] Private key control
>
>
>
> Before you go proposing more requirements just to have more requirements,
> which is the unfortunate way I interpret "so we have something to put in
> this section", I'd again like to repeat the request that you elaborate on
> the threats you believe this addresses.
>
> Surely, if this provides any security value, you can at least elaborate
> one or two actual scenarios that you believe the BRs fail to address, and
> that this would.
>
> Cheers
>
> On Oct 24, 2014 9:47 AM, "Ben Wilson" <ben.wilson at digicert.com> wrote:
>
> Bruce,
>
> I assume you’re not opposed to coming up with wording that is less
> specific but would at least eventually fill in content for section 3.2.1 of
> an RFC-3647-formatted CP, which is what I’d like us to be working toward.
> If we really want to strip this down, even though I think we should
> address the MITM concern, then maybe we could just say something like,
> “Prior to issuing a Certificate, the CA MUST verify that the Applicant
> possesses the Private Key associated with the Public Key to be included in
> the Certificate. The CA MAY verify this association by obtaining a CSR
> from the Applicant.” ?
>
>
>
> In other words, I don’t think anyone wants to disrupt internal practices
> of CAs that comply with this textbook CA baseline practice, unless you are
> saying that for the Web PKI, proof of possession isn’t necessary. If you
> are, then do you have an alternative you could propose? That’s what I’m
> looking for—something that we can all agree on that will fill a hole.
>
> Thanks,
>
> Ben
>
>
>
>
>
> *From:* public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] *On
> Behalf Of *Bruce Morton
> *Sent:* Friday, October 24, 2014 8:19 AM
> *To:* Rick Andrews; Jeremy Rowley; CABFPub
> *Subject:* Re: [cabfpub] Private key control
>
>
>
> I think the requirement should be dropped.
>
>
>
> If we only validate the signature on the CSR, then we do not know if there
> is a man-in-the-middle. You need some other data.
>
>
>
> If we want to technically validate private key control, then we should
> take some action such as sending the Subscriber some information
> out-of-band for signature. The signature would be compared to the signature
> on the CSR to see if the same key was used.
>
>
>
> The softer way that an OV/EV private key control is confirmed is by
> contacting the Subscriber out of band to confirm that they
> made/authenticate the request. I don’t think this works for DV. It will
> also not work when the Subscriber can approve a certificate issuance with
> dual-factor login.
>
>
>
> I don’t think we should have the requirement unless we suggest methods
> that will actually work for all certificate types and our current
> certificate management methods.
>
>
>
> This requirement is not in the BRs or the EV guidelines and we have not
> been suffering from an incidents, so again, I think the requirement should
> be dropped.
>
>
>
> Bruce.
>
>
>
> *From:* public-bounces at cabforum.org [mailto:public-bounces at cabforum.org
> <public-bounces at cabforum.org>] *On Behalf Of *Rick Andrews
> *Sent:* Thursday, October 23, 2014 2:46 PM
> *To:* Jeremy Rowley; CABFPub
> *Subject:* Re: [cabfpub] Private key control
>
>
>
> Jeremy,
>
>
>
> How about “The CA MAY verify this association by obtaining a CSR from the
> Applicant and validating the signature on the CSR.”
>
>
>
> -Rick
>
>
>
> *From:* public-bounces at cabforum.org [mailto:public-bounces at cabforum.org
> <public-bounces at cabforum.org>] *On Behalf Of *Jeremy Rowley
> *Sent:* Wednesday, October 22, 2014 6:57 PM
> *To:* CABFPub
> *Subject:* [cabfpub] Private key control
>
>
>
> During the Code Signing BR discussion a few weeks ago, we noticed that the
> Baseline Requirements lack a definitive requirement for the CA to confirm
> that the Application is properly associated with the Public Key being
> included in the certificate. We’d like to remedy this oversight. What
> does everyone thing about adding a section similar to the following to the
> BRs?
>
> Section 11.1.5 Verification of Key Pair Association
>
> Prior to issuing a Certificate, the CA MUST verify that the Applicant’s
> Private Key is properly associated with the Public Key and a subject name
> to be included in the Certificate. The CA MAY verify this association by
> obtaining a CSR from the Applicant.
>
>
>
> Jeremy
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141024/d1bf4ad7/attachment-0003.html>
More information about the Public
mailing list