[cabfpub] Why would effective revocation be "not sufficient"? (was Re: Draft Ballot 185 - Limiting the Lifetime of Certificates)

Ryan Sleevi sleevi at google.com
Mon Feb 6 15:22:15 UTC 2017

On Mon, Feb 6, 2017 at 7:04 AM, Rob Stradling <rob.stradling at comodo.com>

> On 03/02/17 17:38, Ryan Sleevi wrote:
>> On Fri, Feb 3, 2017 at 9:11 AM, Rob Stradling wrote:
>>     Ryan, what targets
>>     (filesize/performance/reliability/reachability/etc) would CAs need
>>     to meet before it would become viable to reintroduce CRLs to the
>>     WebPKI (i.e., for Chrome to start checking CRLs and hard-failing if
>>     they're unobtainable)?
>> Happy to have that discussion at another time, but it's not germane to
>> the discussion at hand, as I clearly indicated in the original message.
>> It's necessary, but not sufficient, to have that, and we're not
>> presently proposing addressing all the other necessary conditions. Baby
>> steps.
> Ryan, before I accept your side-stepping of my question, I would like
> everybody to fully understand precisely why you're saying that effective
> revocation checking would be "not sufficient" as an alternative to reducing
> certificate lifetimes.  ISTM that lots of folks do not grok you yet, so
> please humour me for a moment...

> Let's pretend, for the duration of this sub-thread, that revocation is
> already 100% effective.  i.e., Whenever a CA clicks the "Revoke" button,
> magic things happen, and within an acceptably short period of time 100% of
> users are prevented from relying on that certificate.
> Please would you enumerate precisely what, under these (currently pretend)
> conditions, you would consider to be the security benefits (that aren't
> already provided by effective revocation) of reducing the maximum permitted
> certificate lifetime?

I'm afraid you misparsed that statement. Reducing certificate validity time
is a necessary condition to improving revocation; however, reducing
validity times does not in and of itself bring about your magic pretend

However, I'm hesitant to engage in that level of discussion, because it's
logically flawed to argue "Imagine we had no problems and had a perfect
solution - what's the problem with that?" The problem, as should be
obvious, is that we don't have a pretend and imaginary perfect solution.

Instead, we have to ask "What steps are necessary to approach a world in
which such a scenario works, if at all possible?", and my treatise is that
one critical step, in every possible scenario of end-goals so far known, is
to reduce the validity period of certificates.

Now, there are several ways you can argue against that statement:
- Show a world in which reducing the validity period does not help improve
the revocation story using the existing tools, methods, and techniques
available (which today are CRLs and OCSP, or more broadly, CRLSets and
OneCRL and Certificate Distrust Lists). This shows that the value of
reducing validity is less than what I state, but doesn't prove that there's
_no_ value, just _less_ value.

- Show a world in which reducing the validity period _harms_ the revocation
story using the existing tools, methods, and techniques available. In this
scenario, in order to decide whether it helps or hurts, we would have to
look at the relative secondary benefits (of reduced validity time) against
the unintended consequences of harm being caused, and make a judgement as
to whether it was a net positive or net negative.

- You could consider imagining some new way in which to solve the
revocation problem, in which reducing the validity period is either
unnecessary or actively harmful. However, for that argument to pay off, you
need to more broadly establish that your proposal is viable (e.g. it is the
pretend and imaginary perfect solution). If you're able to do that, which
would be fantastic if so, it only establishes that the revocation story is
_less_ of an argument _until_ the ecosystem has implemented said pretend
and imaginary perfect solution.

This is why I posit that unless you can show it actively _harms_
revocation, it's largely irrelevant to the discussion at hand, because we
know very clearly under the existing tools, methods and techniques today,
that reduced validity times _help_ the ecosystem, by resulting in smaller
(CRLs, CRLSets/OneCRL/CDLs), since it's possible to remove those entries
once expired.
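To make the "smaller CRLs" point in the message above concrete, here is an added simulation (my own illustration, not code from the thread or from any CA) of how the steady-state size of a CRL scales with certificate validity. The model is constructed: a CA issues a fixed number of certificates per day, a fixed fraction of them are revoked a fixed number of days after issuance, and a CRL is published daily. The one rule it does implement faithfully is the RFC 5280 section 5 requirement that a revoked entry may only be dropped once the certificate has expired and the entry has appeared on at least one CRL issued after that expiry; the issuance rate, revocation fraction and delay are assumed parameters, not figures from the page.

```python
"""
Simulate how long revoked certificates stay on a CRL as a function of
certificate validity.  All parameters below are constructed for the
illustration; none come from the CA/B Forum thread.
"""


def simulate_crl_size(validity_days, sim_days=800, issued_per_day=100,
                      revoke_every=10, revoke_delay=30):
    """Return the number of entries on the CRL published on the last simulated day.

    Model (constructed):
      * each day the CA issues `issued_per_day` certificates with
        consecutive serial numbers, each valid for `validity_days`;
      * every serial divisible by `revoke_every` is revoked
        `revoke_delay` days after issuance;
      * one CRL is published per day.
    Pruning rule (RFC 5280, section 5): an entry is removed only after it
    has appeared on at least one CRL issued after the certificate's
    notAfter date, i.e. once the previous CRL was issued past expiry.
    """
    crl = {}            # serial -> not_after (day number) of entries on the CRL
    pending = []        # (revoke_day, serial, not_after) scheduled revocations
    next_serial = 0
    prev_crl_day = None

    for day in range(sim_days):
        # Issue today's certificates and schedule the ones that will be revoked.
        for _ in range(issued_per_day):
            serial = next_serial
            next_serial += 1
            if serial % revoke_every == 0:
                pending.append((day + revoke_delay, serial, day + validity_days))

        # Apply revocations that fall due today.
        still_pending = []
        for revoke_day, serial, not_after in pending:
            if revoke_day <= day:
                crl[serial] = not_after
            else:
                still_pending.append((revoke_day, serial, not_after))
        pending = still_pending

        # Prune: a certificate that had already expired when the previous
        # CRL was issued appeared on that CRL, so it may be dropped now.
        if prev_crl_day is not None:
            expired = [s for s, not_after in crl.items() if not_after < prev_crl_day]
            for serial in expired:
                del crl[serial]
        prev_crl_day = day

    return len(crl)


def steady_state_crl_size(validity_days, issued_per_day=100,
                          revoke_every=10, revoke_delay=30):
    """Closed form for the same model once the simulation has run longer
    than one validity period: revocations per day times the number of
    days an entry lives on the CRL (from revocation until one CRL past
    expiry, hence the +2 for the daily publication lag)."""
    revoked_per_day = issued_per_day // revoke_every
    return revoked_per_day * (validity_days + 2 - revoke_delay)


if __name__ == "__main__":
    for validity in (365, 90):
        print(f"validity {validity:3d} days: CRL entries = "
              f"{simulate_crl_size(validity)} "
              f"(closed form {steady_state_crl_size(validity)})")
```

With the constructed parameters the 365-day validity leaves about five times as many entries on the CRL as the 90-day validity, even though the revocation rate is identical; shortening validity does not revoke anything faster, it only lets the CA stop carrying old entries sooner, which is exactly the limited benefit the message claims.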