- From: IanG <iang AT cacert.org>
- To: Kim Holburn <kim AT holburn.net>
- Cc: CAcert System Administrators <cacert-sysadm AT lists.cacert.org>
- Subject: Re: [Cacert-sysadm] slashdot heads up
- Date: Sat, 19 Jul 2008 16:59:45 +0200
- List-archive: <http://lists.cacert.org/pipermail/cacert-sysadm>
- List-id: CAcert System Admins discussion list <cacert-sysadm.lists.cacert.org>
Kim Holburn wrote:
> What Would It Take To Have Open CA Authorities?
> http://ask.slashdot.org/article.pl?sid=08/07/18/1721234
> I just certified myself at ca-cert:
> http://ask.slashdot.org/comments.pl?sid=618797&cid=24246865
> http://ask.slashdot.org/comments.pl?sid=618797&cid=24247955
> ...
> They're revoking a certificate roughly every hour, their CRL is 1.9MB in size and from looking at the serial numbers it seems that lots of certificates are pretty close to each other, which means that a significant percentage of issued certs is getting revoked.
> This would indicate that their loose verification is being severely exploited by the bad guys.
Well, to answer that, we have to ask a number of questions about what revocation is.
Is there a defined purpose to revocation? Is revocation a declaration that there is a compromise? Or can I revoke because I am bored with those mathematics? Is there some law out there that says I can only revoke when the moon is at full phase?
I would expect that the CPS should state what the regime of revocation is. I'm not interested in looking right now, but IIRC CAcert's CPS says that CAcert's subscribers can revoke any time they like, and reasons are not mentioned. To counterbalance that, it should be remembered that reliance is tested before the Arbitrator, so there might be some wisdom in revoking as soon as the subscriber knows there is a problem, but that still doesn't imply there must be a problem.
Hence, the above logic might be popular but would lack any foundation. In other words, the guy is relying on the false assumption that a revocation only means compromise.
> Now are you completely sure that when you add this CA to your store, you also configure the CRL handling properly? For how often do you schedule download of the CRL? Do you really think it's a good idea to download a 1.9MB CRL every 1 hour (there's no OCSP service for their certs, it seems, at least there's no OCSP URL on their CA certs)?
> I suspect that you didn't give a thought to this, as well as the majority of people who install CAcert root certificates in their browser, not suspecting what can of worms from security perspective do they open. They probably don't even know what a CRL is for, not to mention checking the CRL handling settings in their browser after they install CAcert's root x.509.
Although subject to some technogeekical babble-analysis, this is primarily a legal problem. The question is one of relying on a cert. The answers to reliance can be found in the CCA and NRP-DaL. Left as an exercise for the reader :)
Another insightful comment was from Phillip Hallam-Baker (who, last I heard, was chief scientist at VeriSign or something similar, I guess). He said:
===========================
ObDisclaimer: Not speaking for my employer here. Yes I work for a commercial CA.
Actually you are way off base here. Mozilla and VeriSign are both members of the W3C Web Security Context working group where one of the things that we have been working on is how to better make use of self signed certificates.
I always enjoy reading articles on Slashdot describing what they imagine the optimum strategy for a large public company is.
Making it easier to use encryption with self-signed certificates is a benefit to a large commercial CA. People who use self-signed certificates today are candidates for an upsell to a public accredited domain validated cert later.
===========================
The above is true and helpful, although I would wonder aloud why it is that Mozilla and Verisign are taking so long to do this, if all are now agreed that self-signed certs are good for CAs [1].
Then he goes on to say:
===========================
The basic problem is that people think that a CA sells encryption, that is wrong, we sell authentication and in the case of Class 3 or EV, accountability. I cannot guarantee that the merchant you buy from is honest, or that they will deliver that plasma TV. But I can ensure that they are likely to face consequences if they do.
If people really want to set up an open CA then read my book, the dotCrime Manifesto, I describe what we were trying to do when we set up the idea of CA services in the first place. I think that setting up an open CA would be a bit like *setting up an open source effort to do people's taxes* for them. But someone might work out a way to make it interesting enough for the participants to have it done well.
============================
The last comment is quite insightful (my highlight). Yes, that's a good metaphor for what CAcert has to achieve: a community where we can work to do security stuff that is of that level of importance.
iang
[1] FTR, here is the fuller version of why CAs love self-signed certs, circa 2004: http://iang.org/ssl/dr_self_signed.html