Re: [Servercert-wg] Timeline for compromised key blocking

2024-05-10 Thread Clint Wilson via Servercert-wg
Hi Aaron,

This seems reasonable to me. It might also be worth adding a similar timeline 
to 6.1.1.5.(1) so that, under a circumstance in which the Debian-weak-keys repo 
is updated, there is some amount of time for CAs to ensure their own systems 
are also updated. Since that repo is under the control of the CA/BF, we should 
know ahead of time if it’s going to be updated, so maybe it’s not really 
necessary, but just a thought.

Cheers,
-Clint

> On May 8, 2024, at 2:15 PM, Aaron Gable via Servercert-wg wrote:
> 
> Section 6.1.1.3 (4) of the Baseline Requirements (as of Ballot SC-073) says 
> "The CA SHALL reject a certificate request if... the CA has previously been 
> notified that the Applicant's Private Key has suffered a Key Compromise using 
> the CA's procedure for revocation request".
> Section 4.9.1.1 (3) of the Baseline Requirements says "The CA SHALL revoke a 
> Certificate within 24 hours... if... the CA obtains evidence that the 
> Subscriber's Private Key... suffered a Key Compromise".
> 
> Imagine the following hypothetical:
> 1. A CA issues a certificate containing a particular public key.
> 2. The private key corresponding to that public key is compromised, and this 
> compromise is reported via the CA's revocation request procedure.
> 3. _Immediately_ thereafter, the CA receives another request for a 
> certificate containing the same public key.
> 
> Is the CA required to reject the certificate request in Step 3?
> 
> Arguments for "yes":
> * By virtue of being notified via the revocation request procedure, the CA 
> has been made aware of the compromise, and therefore must reject it.
> 
> Arguments for "no":
> * It is obviously impossible for a CA to _immediately_ begin rejecting such 
> requests; this is why CAs have a 24-hour timeline for revocation.
> * The relevant text in Section 4.9.1.1 uses the phrase "obtains evidence" 
> rather than "made aware", so perhaps the CA is only "made aware" of the key 
> compromise somewhere later in the revocation and blocking process.
> 
> If I were to propose a ballot which introduces a 24-hour timeline into 
> Section 6.1.1.3 (4), would others be willing to endorse?
> 
> Thanks,
> Aaron
> ___
> Servercert-wg mailing list
> Servercert-wg@cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg





[Servercert-wg] Timeline for compromised key blocking

2024-05-08 Thread Aaron Gable via Servercert-wg
Section 6.1.1.3 (4) of the Baseline Requirements (as of Ballot SC-073) says
"The CA SHALL reject a certificate request if... the CA has previously been
notified that the Applicant's Private Key has suffered a Key Compromise
using the CA's procedure for revocation request".
Section 4.9.1.1 (3) of the Baseline Requirements says "The CA SHALL revoke
a Certificate within 24 hours... if... the CA obtains evidence that the
Subscriber's Private Key... suffered a Key Compromise".

Imagine the following hypothetical:
1. A CA issues a certificate containing a particular public key.
2. The private key corresponding to that public key is compromised, and
this compromise is reported via the CA's revocation request procedure.
3. _Immediately_ thereafter, the CA receives another request for a
certificate containing the same public key.

Is the CA required to reject the certificate request in Step 3?

Arguments for "yes":
* By virtue of being notified via the revocation request procedure, the CA
has been made aware of the compromise, and therefore must reject it.

Arguments for "no":
* It is obviously impossible for a CA to _immediately_ begin rejecting such
requests; this is why CAs have a 24-hour timeline for revocation.
* The relevant text in Section 4.9.1.1 uses the phrase "obtains evidence"
rather than "made aware", so perhaps the CA is only "made aware" of the key
compromise somewhere later in the revocation and blocking process.

If I were to propose a ballot which introduces a 24-hour timeline into
Section 6.1.1.3 (4), would others be willing to endorse?

Thanks,
Aaron
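A CA-side model of the two clocks this thread discusses, added here as an example; it is not code from the CA/Browser Forum or any CA. The SPKI bytes, the timestamps, the registry class and the 24-hour block window for 6.1.1.3 (4) are constructed assumptions (that window is the proposal in the thread, not current BR text); revocation within 24 hours follows 4.9.1.1 (3) as quoted above.

```python
import hashlib
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Assumed: 4.9.1.1 (3) gives 24h to revoke; the thread proposes 24h for 6.1.1.3 (4).
REVOKE_WITHIN = timedelta(hours=24)
BLOCK_WITHIN = timedelta(hours=24)

def spki_fingerprint(spki_der: bytes) -> str:
    """SHA-256 of the DER SubjectPublicKeyInfo, so the same key is recognised
    whoever presents it and whatever else the CSR contains."""
    return hashlib.sha256(spki_der).hexdigest()

@dataclass
class CompromisedKeyRegistry:
    """Keys reported through the CA's revocation request procedure (model only)."""
    reported_at: dict = field(default_factory=dict)  # fingerprint -> first report

    def report(self, spki_der: bytes, received: datetime) -> str:
        """Record a Key Compromise report; the earliest report starts both clocks."""
        fp = spki_fingerprint(spki_der)
        self.reported_at.setdefault(fp, received)
        return fp

    def revocation_deadline(self, fp: str) -> datetime:
        """Latest time by which certificates carrying this key must be revoked."""
        return self.reported_at[fp] + REVOKE_WITHIN

    def check_request(self, spki_der: bytes, now: datetime) -> tuple:
        """('issue' | 'reject', reason). Rejection starts as soon as the report
        is on file: the 24-hour figure bounds how long the block may take to become
        effective, not a window in which re-issuing the key is fine; the reason
        notes whether the request fell inside it (the thread's step 3)."""
        seen = self.reported_at.get(spki_fingerprint(spki_der))
        if seen is None:
            return "issue", "key not reported as compromised"
        age = now - seen
        if age < BLOCK_WITHIN:
            return "reject", f"reported {age} ago, inside proposed 24h window"
        return "reject", f"reported {age} ago, block should already be effective"

def demo() -> dict:  # the thread's hypothetical with constructed key bytes and times
    reg = CompromisedKeyRegistry()
    key, other = b"constructed-spki-der-not-a-real-key", b"constructed-unrelated-key"
    t0 = datetime(2024, 5, 8, 14, 15, tzinfo=timezone.utc)  # step 2: report received
    fp = reg.report(key, t0)
    return {"step3": reg.check_request(key, t0 + timedelta(seconds=1))[0],
            "later": reg.check_request(key, t0 + timedelta(hours=36))[0],
            "other": reg.check_request(other, t0)[0],
            "revoke_by": reg.revocation_deadline(fp).isoformat()}
```

The `reason` string is what an auditor would want logged: it shows whether a rejection happened inside or outside the proposed window without changing the decision itself.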