[Cryptography] New free TLS CA coming
iang at iang.org
Thu Nov 20 04:42:49 EST 2014
Answering 3 at once.
On 20/11/2014 07:55 am, Peter Bowen wrote:
> On Wed, Nov 19, 2014 at 11:27 PM, Peter Gutmann
> <pgut001 at cs.auckland.ac.nz> wrote:
>> Mark Atwood <me at mark.atwood.name> writes:
>>> So Mozilla et al have been giving CAcert the runaround for over 4 years now,
>>> and then suddenly they create a more centralized less audited "Let's Encrypt"
>>> shows up, and it's welcomed into the root?
>> That was my immediate reaction as well. CACert has been given the runaround
>> for more than just four years, it's been more than a decade, and yet as soon
>> as a Mozilla-sponsored CA turns up it's in.
For lolz, that was my immediate reaction too :) But it doesn't really
accord with the facts.
What happened to CAcert was more complicated. They tried to create a CA
with governance only on the user side, not very much if anything at all
on the systems side. In order to put some amount of governance into the
systems side, they had to write a fair amount of doco, develop quite a
few procedures, and roll them out.
It all took a while, like about 3-4 years. Now they are doing it, and
now it is pretty good, and would likely pass the audit of that time.
For example of how good their governance is, CAcert have more or less
defeated a steady run of intel attacks to insert trusted spooks into the
operation, which cannot be said for any other organisation that has been
named recently as having been insider-breached, e.g., google, Mozilla,
not to mention the happily owned slaves such as Cisco.
But unfortunately, the game changed while CAcert was doing this. The
largest factor of this was the arisal of phishing, which triggered a
brief rebellion by the vendors who met in secret in Toronto (?) one day.
This then caused the CAs to get spooked, who were already running
around trying to set up a cozy new cartel, so they headed the rebellion
off at the pass, brought the vendors into the fold, and then worked in
secret for 2 years to craft "Baseline Requirements."
By the time they were done, and CAcert was still puddling along working
at its glacial speed with practically no funding, the game had shifted
substantially. They now had to deal with 3 or 4 audits: BR, WebTrust,
pre-EV and EV. Also, the original browser equation had changed from
Firefox + IE to add in Chrome, and Safari on Mac OSX was now interesting
again. So the Firefox-first notion failed as well.
Game over. You'll notice that only some the problem can be attributed
to the anti-competitive behaviour of vendors and CAs; another portion
attaches to the luck of having more browsers to approach, and a
fair-sized chunk lands at CAcert's door for being just so darned slow.
>> Perhaps someone from Mozilla would be able to explain what the difference is
>> that gets Let's Encrypt immediate acceptance while CACert has been left out in
>> the cold for more than a decade.
> I am not from Mozilla, but there have been postings in several forums
> that answer this. The short answer is Let's Encrypt is not getting
> special treatment from Mozillla. They are planning to start as CA
> that is subordinate to the IdenTrust (DST) root and then apply for
> acceptance into all browsers using the normal processes. Presumably
> this means they will have to pass the same WebTrust for CA and
> WebTrust for BR audits other CAs have to pass.
Right, so this is the other path. CAcert could in theory purchase a
sub-root access from a bigger CA. I'm not sure how viable this is,
nobody at CAcert really likes that idea, and I've not come across a CA
that likes it either ;)
> According to Ian Grigg, who was the independent auditor for CAcert,
> they chose to not ask Mozilla to include CAcert in the Mozilla list of
> trusted roots (https://bugzilla.mozilla.org/show_bug.cgi?id=215243#c158).
Well, to clarify: as it was taking so long, and as people were 99%
stupidly claiming that this was a push-button operation, and it was
Mozilla's fault for not pushing the button, I withdrew the application
that had provisionally been put in place. It had no real effect anyway,
it was all going to be in the real application, which last I heard is
still not really on the table for lack of an external auditor.
More information about the cryptography