[Cryptography] TB2F CAs as (un)official browser policy
ben at links.org
Fri Mar 20 05:34:11 EDT 2015
On 19 March 2015 at 11:13, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
> An interesting discussion is currently occurring on the Mozilla security
> policy list. It seems a CA is late in filing an acceptable audit statement
> (the sort in which Ernst and Young said DigiCert was OK, WebTrust said
> TrustWave was OK, PWC said DigiNotar was OK, and so on). The deciding factor
> on pulling the CA's cert is:
> Richard Barnes has verified that there's minimal compatibility impact to
> removing this root certificate. Current telemetry shows that this root has
> been responsible for 9.57k out of 9.4B validations, or about one in a
> OTOH if you're TB2F and get 0wned by Iranian hackers (Comodo, not DigiNotar,
> who weren't TB2F) then nothing happens.
From what I can tell, there's quite a difference between the Comodo
and DigiNotar incidents:
1. Comodo appears to have been hacked via a fake RA login, whereas
DigiNotar actually was owned.
2. Comodo issued eight fake certs, DigiNotar > 500.
3. Comodo knew what certs were issued, DigiNotar did not.
4. Comodo did not sit on the facts for 6 weeks.
I'm not sure what relative size by certs issued (or by validations,
which does seem a better metric) Comodo and DigiNotar were at the time
(anyone got numbers?), but I do know that removing the DigiNotar root
had considerable fallout, particularly if you were Dutch...