[cabfpub] SHA-1 Collision Found

philliph at comodo.com philliph at comodo.com
Fri Feb 24 18:12:41 UTC 2017


> On Feb 24, 2017, at 12:56 PM, Eric Mill <eric at konklone.com> wrote:
> 
> 
> 
> On Fri, Feb 24, 2017 at 12:11 PM, philliph at comodo.com <mailto:philliph at comodo.com><philliph at comodo.com <mailto:philliph at comodo.com>> wrote:
> 
>> On Feb 24, 2017, at 11:38 AM, Eric Mill <eric at konklone.com <mailto:eric at konklone.com>> wrote:
>> 
>> On Fri, Feb 24, 2017 at 10:46 AM, philliph at comodo.com <mailto:philliph at comodo.com><philliph at comodo.com <mailto:philliph at comodo.com>> wrote:
>> 
>> You are misrepresenting what I am saying. Do not put words in my mouth again. You do not speak for me. Only I speak for me.
>> 
>> Is that totally clear?
>> 
>> It's clear, but not relevant. As best as I can tell, it is an accurate representation of what you said, and nothing in the rest of your message indicated otherwise.
> 
> You are not me, you will not speak for me. not now, not ever.
> 
> Your interpretation was wrong.
> 
> The White House is looking for a new press spokesperson I hear.
> 
> Consider explaining why the interpretation was wrong, as you've yet to contradict it. Again, you said "Things have to break before some people will act. Which is why I consider the proposal to further reduce validity intervals to provide more procrastination time positively harmful.”

As we all know bad security can be worse than no security.

What worries me is that the proposed change that will do nothing to improve security will be a substitute for action that would. And the activities of its proponents here does nothing but re-affirm that belief.

The central issue here is that some people do not want to follow the PKIX spec and support revocation. So they are using a proposal to reduce the vulnerability window from 825 days to 398 to avoid talking about the fact that it should be 1 day.


>> Expiration will remove a compromised certificate from being used in an attack, whether or not any human is aware of the compromise.
> 
> But will not prevent the malefactor being issued a new one. Because in your attack scenario, no CA would have reason not to re-issue.
> 
> It is very easy to devise attack scenarios in which a failure occurs. But they have no real significance unless you can show that your proposed course of action results in a different outcome.
> 
> This scenario does not.
> 
> If all you care about is getting phishing domains revoked by CAs, sure, expiration doesn't help with that. That's not the only kind of attack that exists, and the question of whether CAs should be required to revoke phishing certificates is a very different discussion that shouldn't be entangled with whether or not reducing certificate lifetimes improves security.
> 
> Again, have you looked at the full range of the relying party ecosystem and measured support for expiration vs revocation? That's not to mention the gap in understanding of expiration vs revocation among the slice of the technical community that makes security/engineering decisions in various libraries and applications. The difference in complexity of the two features is enormous.

Phishing domains are not the only problem that exist. But last night I was reading a research paper from an employee of a well known browser provider that seemed to suggest that the number of currently valid certificates issued by one CA for one phishing target (PayPal) was rather higher than the total number of mis-issued certificates from all CA compromises ever, DigiNotar included.

If you want to make an argument based on evidence, then introduce some evidence. To assert that another person is arguing from ignorance and then provide no evidence to support your claim is unhelpful.





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170224/ca1f7af0/attachment-0003.html>


More information about the Public mailing list