[cryptography] Auditable CAs
chris at randomnonce.org
Mon Nov 28 05:39:09 EST 2011
Today, a site operator can opt out of the CA system by using a
self-signed certificate. When users go to the site they get a warning
that they blindly click through. This degrades one of the main
benefits of the CA system.
> Browsers will need to require (at some point in the future) that all public certificates are
> accompanied by an audit proof
> CAs that are added to the trust root by users or administrators can opt out of public audit
How will the opt-out mechanism work so that it is not degraded by users
clicking through a warning?
On Sun, Nov 27, 2011 at 6:09 PM, Ben Laurie <ben at links.org> wrote:
> On Sun, Nov 27, 2011 at 10:54 PM, Tom Ritter <tom at ritter.vg> wrote:
>> So my biggest question is what defines a "publically visible
>> certificate"? Of course every certificate gmail uses would be
>> public... but what about the cert that corresponds to the new product
>> google is launching that's in beta for a few users? That cert should
>> be published... but then that lets the cat out of the bag. (Isn't
>> this almost the same problem DNSSEC has?) I'm confused about whether
>> people opt-in, or opt-out, or opt-anything.
> Google has two options, I think.
> 1. Tell the few users to ignore the scary warning.
> 2. Ask the few users to configure a secret log that validates the beta cert.
>>> Similarly it might be possible to allow an intermediate CA to create
>>> private certificates within a subdomain - in this case the intermediate
>>> CA certificate would have to be logged along with which domain it could
>>> create subdomains in, so that mis-issues can still be detected.
>>> For example, an X.509 extension specifying the permitted domains could
>>> be included in the certificate.
>> Wouldn't this be easier done with NameConstraints?
>> cryptography mailing list
>> cryptography at randombit.net
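As an added illustration of the NameConstraints point raised in the quoted exchange (an editor's example, not code from any poster on the thread): the dNSName matching rule of RFC 5280 section 4.2.1.10 and the chain-narrowing rule of section 6.1.4 step (g), written out in pure Python so the behaviour Tom is asking about can be seen on a constructed chain. The domain names, the two-CA chain and the "greedy" sub-CA below are all constructed for the example. Real path validation also has to handle the other name forms (rfc822Name, iPAddress, URI), the extension's critical flag and names in the subject CN; none of that is modelled here.

```python
"""RFC 5280 name constraints for the dNSName form, as an added example.

Not code from the original post.  Only dNSName restrictions are modelled;
other name forms use different matching rules and are out of scope here.
"""
from dataclasses import dataclass, field
from typing import List, Optional


def dns_in_subtree(name: str, subtree: str) -> bool:
    """True if `name` equals `subtree` or adds labels on its left.
    'www.host.example.com' is in 'host.example.com'; 'host1.example.com' is not
    (RFC 5280 s4.2.1.10).  Comparison is case-insensitive; a trailing dot is ignored."""
    n = name.lower().rstrip(".")
    s = subtree.lower().rstrip(".")
    return n == s or n.endswith("." + s)


@dataclass
class NameConstraints:
    # permitted: None means no permittedSubtrees for dNSName (any name allowed);
    #            [] means the intersection came up empty (no dNSName may be issued).
    permitted: Optional[List[str]] = None
    excluded: List[str] = field(default_factory=list)


def name_permitted(name: str, nc: NameConstraints) -> bool:
    """Excluded subtrees always win; if permitted subtrees exist, one must match."""
    if any(dns_in_subtree(name, s) for s in nc.excluded):
        return False
    if nc.permitted is not None and not any(dns_in_subtree(name, s) for s in nc.permitted):
        return False
    return True


def intersect_subtrees(a: Optional[List[str]], b: Optional[List[str]]) -> Optional[List[str]]:
    """Intersection of two dNSName permitted sets.  Two subtrees overlap only
    when one lies inside the other, and the overlap is the narrower one."""
    if a is None:
        return None if b is None else list(b)
    if b is None:
        return list(a)
    out = []
    for x in a:
        for y in b:
            if dns_in_subtree(x, y):
                out.append(x)
            elif dns_in_subtree(y, x):
                out.append(y)
    return sorted(set(out))


def effective_constraints(chain: List[NameConstraints]) -> NameConstraints:
    """Fold constraints from the root down to the issuing CA (RFC 5280 s6.1.4 (g)):
    permitted sets are intersected and excluded sets are unioned, so a
    subordinate CA can only narrow what its parent allowed, never widen it."""
    eff = NameConstraints()
    for nc in chain:
        eff.permitted = intersect_subtrees(eff.permitted, nc.permitted)
        eff.excluded = sorted(set(eff.excluded) | set(nc.excluded))
    return eff


def may_issue(chain: List[NameConstraints], leaf_dns_names: List[str]) -> bool:
    """Would a leaf carrying these dNSName SANs validate under this chain?
    Every SAN must satisfy the accumulated constraints."""
    eff = effective_constraints(chain)
    return all(name_permitted(n, eff) for n in leaf_dns_names)


if __name__ == "__main__":
    # Constructed chain: an unconstrained root, then an intermediate pinned to
    # example.com, matching the "private certificates within a subdomain" case.
    root = NameConstraints()
    sub_ca = NameConstraints(permitted=["example.com"], excluded=["internal.example.com"])
    chain = [root, sub_ca]
    print(may_issue(chain, ["beta.example.com"]))        # True
    print(may_issue(chain, ["mail.google.com"]))         # False: outside permitted
    print(may_issue(chain, ["x.internal.example.com"]))  # False: excluded wins
    # A deeper CA that tries to widen itself to all of .com stays pinned to example.com.
    greedy = NameConstraints(permitted=["com"])
    print(effective_constraints(chain + [greedy]).permitted)  # ['example.com']
```

The point the example makes for the thread: a logged intermediate whose NameConstraints extension permits only example.com cannot mis-issue for another domain, and nothing it signs further down the chain can widen that, which is exactly the property the proposed "permitted domains" extension was meant to give. Whether the constraint was actually enforced by a given client in 2011 is a separate question the thread does not settle.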