[Servercert-wg] Ballot SC23: Precertificates

Jeremy Rowley jeremy.rowley at digicert.com
Wed Oct 23 19:59:53 MST 2019


Can you elaborate on this? What makes it bad?

From: Ryan Sleevi <sleevi at google.com>
Sent: Wednesday, October 23, 2019 8:36 AM
To: Dimitris Zacharopoulos (HARICA) via Servercert-wg <servercert-wg at cabforum.org>
Cc: Jeremy Rowley <jeremy.rowley at digicert.com>; Wayne Thayer <wthayer at mozilla.com>; Kirk Hall <Kirk.Hall at entrustdatacard.com>
Subject: Re: [Servercert-wg] Ballot SC23: Precertificates

Right.

We're not supportive of attempting to define a Precert as a Cert. That is, I don't see us being able to vote in favor of Wayne's current ballot.

That has a host of undesirable interactions in ways that don't make sense. Again, the example I raised is one that I think is unaddressed and would be very unreasonable, but the natural reading: that Precert Signing Certificates need to operate OCSP responders, and that Precerts issued by Precert Signing Certs are BR violations (due to RFC 5280 due to the interaction between the Issuer field of the Precert vs the CA that signed it).

The very design of RFC 6962 is that Precertificates are not Certificates; they're something "else" (like an OCSP response or a CRL). From a policy perspective, they're implied proof of an equivalent certificate, but that's very different than stating they are Certificates. It's that subtlety that has tripped up some, but not all, and so it's a great thing to clarify.

However, calling Precerts Certs is bad, and will cause more CAs to violate the BRs than would not.

On Wed, Oct 23, 2019 at 3:10 AM Dimitris Zacharopoulos (HARICA) via Servercert-wg <servercert-wg at cabforum.org> wrote:
Sure, other CAs have expressed concerns about that so ultimately I leave it up to you, Rob and Wayne to decide how to proceed.

For what it's worth, we might need to examine any unintended consequences from this proposal, for example the fact that revoked Pre-certificates are not included in CRLs and adding revoked Pre-certificates in CRLs might increase their size, etc.

For what it's worth, this is one of the few places where it does make sense to be clear. It's not revocation information for a Precertificate, however; it's a presumption of an equivalent Certificate, and revocation information for that certificate. If a Precertificate is signed, and it's seen as signed proof that an equivalent certificate exists, and that certificate needs to be revoked, the CA should be adding that to CRLs, just like they should be adding it to OCSP. The risk described here is only if the CA is signing precerts that equal misissuance, and that would be very bad for reasons other than CRL size.
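The RFC 6962 distinction the thread turns on, shown as an added example that is not code from anyone on this list: the critical poison extension is what makes an object a precertificate rather than a certificate, and a precert signed by a Precert Signing Certificate carries the final CA's name as Issuer, which is exactly the Issuer-vs-signer mismatch that would be an RFC 5280 problem for a real certificate. It uses the third-party `cryptography` package; the CA names, the demo builder and the function names are hypothetical.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtensionOID, NameOID

# RFC 6962 s3.1 EKU that marks a Precert Signing Certificate.
PRECERT_SIGNING_EKU = x509.ObjectIdentifier("1.3.6.1.4.1.11129.2.4.4")

def kind_of(cert):
    """'precertificate' if the critical poison extension is present, else 'certificate'."""
    try:
        ext = cert.extensions.get_extension_for_oid(ExtensionOID.PRECERT_POISON)
    except x509.ExtensionNotFound:
        return "certificate"
    return "precertificate" if ext.critical else "malformed-precertificate"

def signer_relationship(cert, signer):
    """Names only, no signature check. RFC 6962 lets a Precert Signing Certificate
    sign a precert whose Issuer names the final CA; for a real cert that breaks RFC 5280."""
    if cert.issuer == signer.subject:
        return "issuer-matches-signer"
    try:
        eku = signer.extensions.get_extension_for_class(x509.ExtendedKeyUsage).value
        precert_signer = PRECERT_SIGNING_EKU in eku
    except x509.ExtensionNotFound:
        precert_signer = False
    if kind_of(cert) == "precertificate" and precert_signer:
        return "rfc6962-precert-signing-ca"
    return "rfc5280-issuer-mismatch"

_name = lambda cn: x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def _build(subject, issuer, key, signing_key, exts):
    now = datetime.datetime(2019, 10, 23, tzinfo=datetime.timezone.utc)
    b = (x509.CertificateBuilder().subject_name(subject).issuer_name(issuer)
         .public_key(key.public_key()).serial_number(x509.random_serial_number())
         .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=90)))
    for ext, critical in exts:
        b = b.add_extension(ext, critical=critical)
    return b.sign(signing_key, hashes.SHA256())

def build_demo():
    """Constructed sample with hypothetical names: CA, Precert Signing Cert, precert."""
    ca_key, psc_key, leaf_key = (ec.generate_private_key(ec.SECP256R1()) for _ in range(3))
    ca = _build(_name("Demo CA"), _name("Demo CA"), ca_key, ca_key, [])
    psc = _build(_name("Demo Precert Signer"), _name("Demo CA"), psc_key, ca_key,
                 [(x509.ExtendedKeyUsage([PRECERT_SIGNING_EKU]), False)])
    precert = _build(_name("example.test"), _name("Demo CA"), leaf_key, psc_key,
                     [(x509.PrecertPoison(), True)])  # Issuer = CA, signed by PSC
    return ca, psc, precert
```

A CA's pre-issuance linter can use the same two checks to tell which of its signed objects are precerts and whether an Issuer mismatch is the RFC 6962 case or a genuine defect.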