[Smcwg-public] Certificate Suspension
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Wed Aug 24 20:43:19 UTC 2022
Hi Stephen,
On 24/8/2022 10:00 μ.μ., Stephen Davidson via Smcwg-public wrote:
>
> Hi Ben:
>
> Thanks for the comment.
>
> I believe that support for suspension is not appropriate for the
> publicly-trusted S/MIME for the following reasons:
>
> * For S/MIME recipients this could be confusing, for example in the
> case that a signature on an email could be valid or not on
> different days, with no explanation. The CABF stance for
> publicly-trusted certificates has been that once a certificate is
> "bad" on a CRL it can't be "unbad".
>
I understand the confusion between different CABF WGs but the SCWG
places requirements for TLS Certificates used for server authentication
and the SMCWG is about Certificates used for signing S/MIME messages. A
signing Certificate that was used to sign a message may be
checked/verified more than once at different times.
A signing certificate may become suspended during an investigation by
the CA after some third-party report. That means that the signer should
refrain from signing until this investigation is concluded. If the
signer continues to sign messages during this "suspension" period, the
signatures should not be verified as valid.
If the conclusion of the investigation is that the certificate needs to
be permanently revoked, then the signatures created using that key and
certificate will be permanently invalid from the time the certificate
became suspended. If the result is the opposite, then the certificate is
reinstated (entry is removed from the CRL) and all signatures will be
valid, even during the time of "suspension".
The suspension period is usually reasonably small to minimize this
window of "I check something now and it is invalid, but X days later it
is valid".
> *
>
>
> * For Certificate Issuers, this could also create undesired
> inconsistency in revocation handling across publicly-trusted
> certificate types, particularly in light of the changes
> implemented recently to create CRL consistency under the Mozilla
> policy for TLS.
>
I'm not sure why you are bringing in the server TLS policy. This is the
S/MIME WG and we should focus on rules that reasonably apply to S/MIME
Certificates. If a CA wants to issue different types of certificates
(TLS, Code Signing, S/MIME), they need to follow different rules and
policies. CAs can certainly follow different policies for different
certificate types as we've seen in the past, or use the strictest rules
among various policies and apply for all types. For example, there are
currently no global rules for performing identity validation for S/MIME
Certificates and there are plenty CAs are not using the documented
identity validation policies described in the the TLS or CodeSigning BRs
to validate identity in S/MIME Certificates.
The revocation handling discussion and decision by Mozilla was focused
on TLS Certificates, not S/MIME. The S/MIME use cases were not
considered in the discussion.
> *
>
>
> * For Certificate Consumers, we have no known “default” for how
> revocation checking is performed in client software, or how the
> certificateHold revocation code is treated.
>
Isn't this already described in RFC 5280? If an implementation decides
not to follow the RFC and considers a signing certificate as "valid"
despite being listed in a CRL with revocationReason "certificateHold",
then IMHO it's a problematic implementation.
> I recall the WG did review this draft section about a year ago, but as
> there was no comment (often the case with ‘pick ups’ from other CABF
> standards) the topic is not specifically acknowledged in the minutes.
>
It's quite possible that other topics have not been reviewed in depth
because, realistically, there are too many topics to cover :-) I'm glad
that Ben brought this up and gave the opportunity for other members to
take a closer look.
FWIW, certificate suspension is a challenging topic but not an option we
should disallow from the very beginning. The WG has agreed to be more
inclusive and cover use cases that are currently in existence.
Certificate suspension is one of those cases.
Thanks,
Dimitris.
> Best, Stephen
>
> *From:* Smcwg-public <smcwg-public-bounces at cabforum.org> *On Behalf Of
> *Ben Wilson via Smcwg-public
> *Sent:* Wednesday, August 17, 2022 2:44 PM
> *To:* SMIME Certificate Working Group <smcwg-public at cabforum.org>
> *Subject:* [Smcwg-public] Certificate Suspension
>
> Question - did we previously discuss and decide on "Certificate
> Suspension"?
>
> The draft I'm looking at says, "### 4.9.13 Circumstances for suspension
> The Repository SHALL NOT include entries that indicate that a
> Certificate is suspended."
>
> Don't some legacy implementations allow suspension?
>
> Thanks,
>
> Ben
>
>
> _______________________________________________
> Smcwg-public mailing list
> Smcwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/smcwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220824/17995591/attachment-0001.html>
More information about the Smcwg-public
mailing list