[cabfpub] Misissuance of certificates
philliph at comodo.com
Mon Nov 9 11:38:31 MST 2015
> On Nov 9, 2015, at 9:16 AM, Ryan Sleevi <sleevi at google.com> wrote:
> On Mon, Nov 9, 2015 at 5:29 AM, Dean Coclin <Dean_Coclin at symantec.com> wrote:
> You made a statement in another email which, if I'm remembering correctly, said something like this: If a cert is issued from a public root, for public domains, for use by the public, then its contents are automatically public.
> If a cert transitively chains to a publicly trusted root, it should be public, technically constrained subordinate CA notwithstanding.
When we had the Iranian folk attack our affiliate, we had the following sequence of events.
* Attacker generated keypairs and requested issuance of 7 certificates.
* 7 certificates were issued and released to the affiliate.
* Attacker downloaded one of the certificates via the logged API.
Given the circumstances, we were forced to assume that the attacker had all seven certificates, and later we released the certificates, as it turned out these would be necessary to block them in some cases. That was probably the right response in those particular circumstances.
But it is quite possible to imagine circumstances in which the certificate has not become public and the attacker only has the private key. I do not think we want to adopt rules that require a remediation process that allows the attacker to complete their attack.
As far as I am concerned, we want to consider ‘issue’ of a certificate to occur when it is signed for purposes of the BRs. But the attacker can’t use a mis-issued certificate until publication. So these are actually two distinct events as far as response goes.
I don’t think we should assume CT is going to work in one particular way either. When we get into CFRG ECC signed certificates and short lived certs, some interesting new options open up.