[cabfpub] Critical Vulnerability Scenario

James Burton james at sirburton.com
Fri Jan 19 03:56:31 MST 2018


I know every CA already has a disaster plan in place to maintain certain
level of continuity in case of failure, weather and etc. But is there a
global contingency plan in place if a critical vulnerability was found in
one of the key systems which required immediate change over to a different
key-size, signature algorithm or etc.

Could every CA right now in operation handle such a scenario and reissue
nearly every certificate (if necessary) immediately? How long would it
take? Could CT handle such an influx of requests?

The goal is to achieve 100% secure web and I feel that a global
contingency plan is needed in case of the unlikely event of this scenario
ever happens.

James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180119/f360999c/attachment.html>


More information about the Public mailing list