[Cryptography] TB2F CAs as (un)official browser policy

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Mar 19 07:13:42 EDT 2015


An interesting discussion is currently occurring on the Mozilla security
policy list.  It seems a CA is late in filing an acceptable audit statement
(the sort in which Ernst and Young said DigiCert was OK, WebTrust said
TrustWave was OK, PWC said DigiNotar was OK, and so on).  The deciding factor
on pulling the CA's cert is:

  Richard Barnes has verified that there's minimal compatibility impact to
  removing this root certificate. Current telemetry shows that this root has
  been responsible for 9.57k out of 9.4B validations, or about one in a
  million.

OTOH if you're TB2F and get 0wned by Iranian hackers (Comodo, not DigiNotar,
who weren't TB2F) then nothing happens.  So alongside DigiNotar's cert count,
we now have another lower bound for the browser vendors' TB2F criteria: 10K
certs issued isn't enough.

Peter.


