On 2018-12-04 10:25, Wojciech Trapczyński wrote:
On 04.12.2018 10:01, Kurt Roeckx via dev-security-policy wrote:
On 2018-12-04 7:24, Wojciech Trapczyński wrote:
Question 1: Was there a period during which this issuing CA had no
validly signed non-expired CRL due to this incident?
Between 10.11.2018 01:05 (UTC±00:00) and 14.11.2018 07:35 (UTC±00:00)
we were serving one CRL with corrupted signature.
Do you have any plans to prevent serving CRLs with an invalid
signature and keep the old CRL in place until you have a valid one?
This one CRL with corrupted signature was serving between dates I
mentioned. Starting from November 14th 07:35 (UTC±00:00) we are serving
CRL with a valid signature. I have described it in the Bugzilla bug
(https://bugzilla.mozilla.org/show_bug.cgi?id=1511459#c2).
I think you misunderstood my question. I think you should never serve an
invalid file. I think it's better to have a file that is 1 or 2 days old
then it is to have an invalid file. So you could check that it's a valid
file before you start serving it, and if it's invalid keep the old file.
Kurt
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
