[cryptography] Auditable CAs

Chris Richardson chris at randomnonce.org
Mon Nov 28 05:39:09 EST 2011


Today, a site operator can opt out of the CA system by using a
self-signed certificate.  When users go to the site they get a warning
that they blindly click through.  This degrades one of the main
benefits of the CA system.

> Browsers will need to require (at some point in the future) that all public certificates are
> accompanied by an audit proof
> CAs that are added to the trust root by users or administrators can opt out of public audit

How will the opt-out mechanism work so that it is not degraded by users
clicking through a warning?

 -- Chris

On Sun, Nov 27, 2011 at 6:09 PM, Ben Laurie <ben at links.org> wrote:
> On Sun, Nov 27, 2011 at 10:54 PM, Tom Ritter <tom at ritter.vg> wrote:
>> So my biggest question is what defines a "publically visible
>> certificate"?  Of course every certificate gmail uses would be
>> public... but what about the cert that corresponds to the new product
>> google is launching that's in beta for a few users?  That cert should
>> be published... but then that lets the cat out of the bag.  (Isn't
>> this almost the same problem DNSSEC has?)  I'm confused about whether
>> people opt-in, or opt-out, or opt-anything.
>
> Google has two options, I think.
>
> 1. Tell the few users to ignore the scary warning.
>
> 2. Ask the few users to configure a secret log that validates the beta cert.
>
>>
>>> Similarly it might be possible to allow an intermediate CA to create
>>> private certificates within a subdomain - in this case the intermediate
>>> CA certificate would have to be logged along with which domain it could
>>> create subdomains in, so that mis-issues can still be detected. For
>>> example, an X.509 extension specifying the permitted domains could be
>>> included in the certificate.
>>
>> Wouldn't this be easier done with NameConstraints?
>>
>> -tom
>> _______________________________________________
>> cryptography mailing list
>> cryptography at randombit.net
>> http://lists.randombit.net/mailman/listinfo/cryptography
>>
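The name-constrained intermediate that Ben and Tom discuss above, built with the openssl command line. This is an added example, not code from the thread or from any of its participants. It assumes the openssl CLI is installed (1.1.1 or 3.x) and uses made-up names and files (beta.example.com, "Demo Root", a temporary directory). The intermediate carries a critical nameConstraints extension permitting only beta.example.com and names below it; a leaf for api.beta.example.com validates against the root, while a leaf for www.example.com, issued by the same intermediate, is rejected with a permitted-subtree violation.

```shell
#!/bin/sh
# Added example, not from the thread. Builds a throwaway PKI with the
# openssl CLI: root -> intermediate limited by a critical nameConstraints
# extension to beta.example.com -> two leaves, one inside the permitted
# subtree and one outside it. All names, files and serials are made up.
set -eu

# issue_leaf DIR NAME HOST SERIAL: sign an end-entity cert for HOST with the
# intermediate, putting HOST in a DNS SAN so the constraint check sees it.
issue_leaf() {
    d=$1; name=$2; host=$3; serial=$4
    openssl req -new -newkey rsa:2048 -nodes -keyout "$d/$name.key" \
        -out "$d/$name.csr" -subj "/CN=$host" >/dev/null 2>&1
    printf 'basicConstraints=critical,CA:FALSE\nsubjectAltName=DNS:%s\n' \
        "$host" > "$d/$name.ext"
    openssl x509 -req -in "$d/$name.csr" -CA "$d/int.crt" -CAkey "$d/int.key" \
        -days 1 -set_serial "$serial" -extfile "$d/$name.ext" \
        -out "$d/$name.crt" >/dev/null 2>&1
}

# setup_pki DIR: create the root, the constrained intermediate and two leaves.
setup_pki() {
    d=$1
    # Root CA, self-signed.
    openssl req -new -newkey rsa:2048 -nodes -keyout "$d/root.key" \
        -out "$d/root.csr" -subj "/CN=Demo Root" >/dev/null 2>&1
    printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' \
        > "$d/root.ext"
    openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
        -set_serial 1 -extfile "$d/root.ext" -out "$d/root.crt" >/dev/null 2>&1

    # Intermediate: a CA, but only for beta.example.com and names below it.
    # This certificate, with its permitted subtree, is what a public log
    # would record; the leaves beneath it could then stay private.
    openssl req -new -newkey rsa:2048 -nodes -keyout "$d/int.key" \
        -out "$d/int.csr" -subj "/CN=Demo Beta Intermediate" >/dev/null 2>&1
    cat > "$d/int.ext" <<'EOF'
basicConstraints=critical,CA:TRUE,pathlen:0
keyUsage=critical,keyCertSign,cRLSign
nameConstraints=critical,permitted;DNS:beta.example.com
EOF
    openssl x509 -req -in "$d/int.csr" -CA "$d/root.crt" -CAkey "$d/root.key" \
        -days 1 -set_serial 2 -extfile "$d/int.ext" -out "$d/int.crt" >/dev/null 2>&1

    issue_leaf "$d" good api.beta.example.com 3   # inside the subtree
    issue_leaf "$d" bad  www.example.com      4   # outside it: a mis-issue
}

# chain_status DIR NAME: print OK if root -> int -> NAME validates, else REJECTED.
chain_status() {
    d=$1; name=$2
    if openssl verify -CAfile "$d/root.crt" -untrusted "$d/int.crt" \
            "$d/$name.crt" >/dev/null 2>&1; then
        echo OK
    else
        echo REJECTED
    fi
}

# Stand-alone run: build the PKI, check both leaves, show the rejection reason.
demo() {
    d=$(mktemp -d)
    setup_pki "$d"
    echo "api.beta.example.com: $(chain_status "$d" good)"
    echo "www.example.com:      $(chain_status "$d" bad)"
    openssl verify -CAfile "$d/root.crt" -untrusted "$d/int.crt" "$d/bad.crt" 2>&1 || true
    rm -rf "$d"
}
demo
```

Two caveats a practitioner would want. First, the rejection only happens because the relying party (here, openssl verify) honours nameConstraints; a client that ignores the extension would accept the www.example.com leaf, which is exactly why Ben's proposal logs the intermediate together with its permitted domains, so that a third party can spot the out-of-scope leaf regardless of what any one client enforces. Second, OpenSSL applies DNS constraints to subjectAltName entries (and, in newer versions, to a hostname-like CN), so the example puts each leaf's name in a SAN rather than relying on the CN alone.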
