[cabfpub] Directory of abuse reporting contacts for CAs?

Kirk Hall Kirk.Hall at entrustdatacard.com
Mon Feb 19 23:05:54 UTC 2018 

John and Peter - this issue has actually come up recently - I think you have a very good idea.

We'll add to our agenda for the next Forum Teleconference call.   Thanks.

Kirk

From: John LaCour [mailto:jal at phishlabs.com]
Sent: Monday, February 19, 2018 2:45 PM
To: questions at cabforum.org
Cc: peter at apwg.org
Subject: Directory of abuse reporting contacts for CAs?


Dear CA Representative:



The CA/Browser Forum's Baseline Requirements Section 4.9.3 says in part:



"The CA SHALL provide Subscribers, Relying Parties, Application Software Suppliers, and other third parties with clear instructions for reporting suspected Private Key Compromise, Certificate misuse, or other types of fraud, compromise, misuse, inappropriate conduct, or any other matter related to Certificates. The CA SHALL publicly disclose the instructions through a readily accessible online means."



However, we sometimes find it difficult to instructions on how and where to submit reports to issuing CAs to request certification revocation due to malicious use.



Would it be possible for the Forum and/or the browser community to create a list of reporting email addresses for each CA in the browser root programs, and post the list to an obvious page on the Forum's website, and maybe also on the CCADB website (Resources tab)?



If for whatever reason, the Forum decides not to make a consolidated listing available as a public resource, we would be grateful if the CAs would provide this information directly so that we may provide a consolidated list to the anti-phishing community via the Anti-Phishing Working Group (APWG).



Also, we would like to make you aware of an APWG program, AmDoS (1) , which facilitates the suspension of malicious domain names.   The program introduces a vetting program for reporters to submit takedown requests to participating domain registries.  This may potentially be a useful model to facilitate revocation requests between the anti-phishing community and CAs. Better, it is built and working and ready to update for the Forum's needs.



We thank you in advance for your help in this effort. We look forward to collaborating with the Forum soon.



Sincerely,

John LaCour

CTO, PhishLabs

jal at phishlabs.com<mailto:jal at phishlabs.com>



Peter Cassidy

Secretary General, APWG

pcassidy at apwg.org<mailto:pcassidy at apwg.org>



(1)  https://www.antiphishing.org/apwg-news-center/amdos/




--
John LaCour
Founder and Chief Technology Officer
M: +1.415.425.5646
jal at phishlabs.com<mailto:jal at phishlabs.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180219/2eef6f3d/attachment.html>

More information about the Public mailing list