[Servercert-wg] Timeline for compromised key blocking
Aaron Gable
aaron at letsencrypt.org
Wed May 8 21:14:59 UTC 2024
Section 6.1.1.3 (4) of the Baseline Requirements (as of Ballot SC-073) says
"The CA SHALL reject a certificate request if... the CA has previously been
notified that the Applicant's Private Key has suffered a Key Compromise
using the CA's procedure for revocation request".
Section 4.9.1.1 (3) of the Baseline Requirements says "The CA SHALL revoke
a Certificate within 24 hours... if... the CA obtains evidence that the
Subscriber's Private Key... suffered a Key Compromise".
Imagine the following hypothetical:
1. A CA issues a certificate containing a particular public key.
2. The private key corresponding to that public key is compromised, and
this compromise is reported via the CA's revocation request procedure.
3. _Immediately_ thereafter, the CA receives another request for a
certificate containing the same public key.
Is the CA required to reject the certificate request in Step 3?
Arguments for "yes":
* By virtue of being notified via the revocation request procedure, the CA
has been made aware of the compromise, and therefore must reject it.
Arguments for "no":
* It is obviously impossible for a CA to _immediately_ begin rejecting such
requests; this is why CAs have a 24-hour timeline for revocation.
* The relevant text in Section 4.9.1.1 uses the phrase "obtains evidence"
rather than "made aware", so perhaps the CA is only "made aware" of the key
compromise somewhere later in the revocation and blocking process.
If I were to propose a ballot which introduces a 24-hour timeline into
Section 6.1.1.3 (4), would others be willing to endorse?
Thanks,
Aaron
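The hypothetical above, worked through in code. This is an added example written for this page, not code from the original post or from any CA's issuance pipeline. It assumes (as many CAs do in practice, but the post does not say) that "the same public key" is identified by the SHA-256 of the DER-encoded SubjectPublicKeyInfo, and that a key-compromise report is only accepted with proof of possession, here a signature by the reported key over a CA-chosen challenge. The names `BlockList`, `ReportCompromise`, `CheckCSR` and `RunHypothetical` are illustrative, as is the challenge string.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// spkiHash identifies a key by the SHA-256 of its DER SubjectPublicKeyInfo (assumed key identity).
func spkiHash(pub interface{}) ([32]byte, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return [32]byte{}, err
	}
	return sha256.Sum256(der), nil
}

// BlockList holds keys reported compromised, keyed by SPKI hash, with the notification time.
type BlockList struct{ entries map[[32]byte]time.Time }

func NewBlockList() *BlockList { return &BlockList{entries: map[[32]byte]time.Time{}} }

// ReportCompromise records a key only when the report proves possession: the reporter must
// present a signature by the claimed key over a challenge the CA chose.
func (b *BlockList) ReportCompromise(pub *ecdsa.PublicKey, challenge, sig []byte, now time.Time) error {
	digest := sha256.Sum256(challenge)
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return errors.New("report rejected: signature does not prove possession of the key")
	}
	h, err := spkiHash(pub)
	if err != nil {
		return err
	}
	if _, seen := b.entries[h]; !seen { // keep the earliest notification time
		b.entries[h] = now
	}
	return nil
}

// CheckCSR is the 6.1.1.3 (4) check: refuse a request whose key has been reported compromised.
func (b *BlockList) CheckCSR(csrDER []byte) error {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return err
	}
	if err := csr.CheckSignature(); err != nil {
		return err
	}
	h, err := spkiHash(csr.PublicKey)
	if err != nil {
		return err
	}
	if t, blocked := b.entries[h]; blocked {
		return fmt.Errorf("request rejected: key %s reported compromised at %s",
			hex.EncodeToString(h[:8]), t.UTC().Format(time.RFC3339))
	}
	return nil
}

func makeCSR(priv *ecdsa.PrivateKey) ([]byte, error) {
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: "example.test"}, DNSNames: []string{"example.test"}}
	return x509.CreateCertificateRequest(rand.Reader, tmpl, priv)
}

// Outcome records what the CA did at each step of the hypothetical.
type Outcome struct {
	FirstIssued      bool // step 1: request accepted before any report
	BogusReportTaken bool // a report without proof of possession must not block the key
	ReissueAccepted  bool // step 3: same key, immediately after a genuine report
	OtherKeyAccepted bool // an unrelated key is unaffected
}

func RunHypothetical() (Outcome, error) {
	var out Outcome
	bl := NewBlockList()
	subscriber, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return out, err
	}
	other, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return out, err
	}
	csr1, err := makeCSR(subscriber)
	if err != nil {
		return out, err
	}
	out.FirstIssued = bl.CheckCSR(csr1) == nil // step 1
	challenge := []byte("constructed CA challenge nonce 0001") // constructed sample data
	digest := sha256.Sum256(challenge)
	badSig, _ := ecdsa.SignASN1(rand.Reader, other, digest[:]) // signed by the wrong key
	out.BogusReportTaken = bl.ReportCompromise(&subscriber.PublicKey, challenge, badSig, time.Now()) == nil
	goodSig, _ := ecdsa.SignASN1(rand.Reader, subscriber, digest[:])
	if err := bl.ReportCompromise(&subscriber.PublicKey, challenge, goodSig, time.Now()); err != nil {
		return out, err // step 2: genuine report
	}
	csr2, _ := makeCSR(subscriber) // step 3: a fresh request carrying the same public key
	out.ReissueAccepted = bl.CheckCSR(csr2) == nil
	csr3, _ := makeCSR(other)
	out.OtherKeyAccepted = bl.CheckCSR(csr3) == nil
	return out, nil
}

func main() {
	out, err := RunHypothetical()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", out)
}
```

Because the block list is consulted synchronously at issuance time and keyed on the SPKI hash rather than on any particular certificate, the same key is refused in step 3 whether or not the step 1 certificate has been revoked yet; the 24-hour revocation clock and the issuance check are independent.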