[Servercert-wg] Timeline for compromised key blocking

Fri May 10 19:44:42 UTC 2024

Hi Aaron,

This seems reasonable to me. It might also be worth adding a similar timeline to 6.1.1.5.(1) so that, under a circumstance in which the Debian-weak-keys repo is updated, there is some amount of time for CAs to ensure their own systems are also updated. Since that repo is under the control of the CA/BF, we should know ahead of time if it’s going to be updated, so maybe it’s not really necessary, but just a thought.

Cheers,
-Clint

> On May 8, 2024, at 2:15 PM, Aaron Gable via Servercert-wg <servercert-wg at cabforum.org> wrote:
> 
> Section 6.1.1.3 (4) of the Baseline Requirements (as of Ballot SC-073) says "The CA SHALL reject a certificate request if... the CA has previously been notified that the Applicant's Private Key has suffered a Key Compromise using the CA's procedure for revocation request".
> Section 4.9.1.1 (3) of the Baseline Requirements says "The CA SHALL revoke a Certificate within 24 hours... if... the CA obtains evidence that the Subscriber's Private Key... suffered a Key Compromise".
> 
> Imagine the following hypothetical:
> 1. A CA issues a certificate containing a particular public key.
> 2. The private key corresponding to that public key is compromised, and this compromise is reported via the CA's revocation request procedure.
> 3. _Immediately_ thereafter, the CA receives another request for a certificate containing the same public key.
> 
> Is the CA required to reject the certificate request in Step 3?
> 
> Arguments for "yes":
> * By virtue of being notified via the revocation request procedure, the CA has been made aware of the compromise, and therefore must reject it.
> 
> Arguments for "no":
> * It is obviously impossible for a CA to _immediately_ begin rejecting such requests; this is why CAs have a 24-hour timeline for revocation.
> * The relevant text in Section 4.9.1.1 uses the phrase "obtains evidence" rather than "made aware", so perhaps the CA is only "made aware" of the key compromise somewhere later in the revocation and blocking process.
> 
> If I were to propose a ballot which introduces a 24-hour timeline into Section 6.1.1.3 (4), would others be willing to endorse?
> 
> Thanks,
> Aaron
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240510/f9d9d9b8/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3621 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240510/f9d9d9b8/attachment.p7s>