[cabfpub] Revised document for Ballot 89 - Adopt Requirements for the Processing of EV SSL Certificates v.2

Rick Andrews Rick_Andrews at symantec.com
Sat Oct 13 00:32:19 UTC 2012


Brad,

I would say a DV cert is superior to DANE w/o PKIX because:

-          The DV cert will conform to Baseline Requirements (minimum key size, strong signing and hashing algorithm, acceptable validity period, proper extensions)

-          The DV cert would be very likely to have undergone automated checks for weak keys, weak exponents, not on Debian weak key list, not on internal phish lists, etc.)

-          The DV cert would contain AIA and/or CDP extensions, so if the CA detects that the site is fraudulent, it can revoke the cert.

I feel strongly that a site (either real or fake) with a self-signed certificate with a 30-year validity, containing a 1024-bit Debian weak key, no basicConstraints or CA=true should not be given the same "trusted cert" status indicators as a DV cert.

-Rick

From: Hill, Brad [mailto:bhill at paypal-inc.com]
Sent: Friday, October 12, 2012 3:23 PM
To: Rick Andrews; Ryan Sleevi
Cc: public at cabforum.org
Subject: RE: [cabfpub] Revised document for Ballot 89 - Adopt Requirements for the Processing of EV SSL Certificates v.2

Rick,

Can you provide any examples of ways in which DANE absent PKIX provides an inferior chain of trust to Domain Validated certificates?  Both prove administrative control of a name through means ultimately rooted in the registrar as a trust root. (validating "what", not "who" you are talking to)

  I don't think the CABF has any grounds to discourage such DANE options unless it discourages DV similarly or justifies why DV should be treated any differently.

-Brad Hill

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Rick Andrews
Sent: Friday, October 12, 2012 2:57 PM
To: Ryan Sleevi
Cc: public at cabforum.org
Subject: Re: [cabfpub] Revised document for Ballot 89 - Adopt Requirements for the Processing of EV SSL Certificates v.2

Ryan,

Thanks for your speedy review. You raise a good point about DANE, one which the entire Forum may want to debate. IMO, we (at least the CAs) should be united in discouraging the use of DANE options that disable PKIX chain validation. If browsers add DANE support for option 3 (no PKIX chain validation), then a phisher could set up a fake site with a self-signed cert, and users visiting it would receive no warning whatsoever. I believe there's value if having a CA vet the certificate holder, so the user can't be directed to bunkofamerica.com and get fooled into thinking it's their bank.

Having said that, though, I suspect DANE will involve much debate and I'd rather not wait to resolve that. If others agree with you, I'll roll back the language to make it less contentious.

What are Google's plans for DANE support in Chrome? I suppose it will be dependent on platform support, since Chrome relies on the OS for crypto and PKI.

-Rick

From: Ryan Sleevi [mailto:sleevi at google.com]
Sent: Thursday, October 11, 2012 6:23 PM
To: Rick Andrews
Cc: public at cabforum.org<mailto:public at cabforum.org>
Subject: Re: [cabfpub] Revised document for Ballot 89 - Adopt Requirements for the Processing of EV SSL Certificates v.2

On Thu, Oct 11, 2012 at 5:31 PM, Rick Andrews <Rick_Andrews at symantec.com<mailto:Rick_Andrews at symantec.com>> wrote:
Colleagues,

I've updated the document again to include feedback from Kathleen. I changed the title back to Guidelines as opposed to Requirements, and changed a lot of musts to shoulds.

Please look it over again, especially browser members. If we have consensus on this version, I'll advance it towards a ballot. Thanks,

-Rick


_______________________________________________
Public mailing list
Public at cabforum.org<mailto:Public at cabforum.org>
https://cabforum.org/mailman/listinfo/public

Rick,

Thanks for taking the time to incorporate the feedback raised by the browser members. I think this is a very positive step forward in the document.

I don't have strong feelings on the matter, and certainly haven't implemented anything to the effect, but I wonder what the proposed changes to Section 9 mean for systems that implement DANE Type 3 validation (that is, where DNSSEC is used to obtain the public key, independent of CA trust anchors). Under such scenarios, it seems like there would be some middle ground in the UI between a full EV indication, and the proposed change which is "no secure indicator".

I certainly agree that if RFC 5280 / EV Treatment hasn't been followed, there should be no EV branding, but I'm not sure whether it's necessary to fully strip any security indicator - particularly if using any application-defined or non-RFC5280 validation logic (again, eg: DANE). I see three levels of validation here (with three possible UI brands) - EV, DV, DANE - and the current text seems to suggest that only EV/DV should be used.

The original text (sans proposed addition) handled the above scenario fine, but I'm curious for your thoughts as to what you think the expected behaviour should be for such situations. I'll note this same concern also applies to the proposed "and should not be treated as trusted certificates" for section 13.

For section 13 "but should try the GET method first" - perhaps "should prefer the GET method". This is by no means a sticking point, but it just seems to conflict with the "may use either" implies they could only use POST. "should prefer" provides directions both for implementation and prioritization of the attempt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20121012/d05edb5b/attachment-0004.html>


More information about the Public mailing list