On 8/27/2014 7:11 AM, Jean-Marc Desperrier wrote: > David E. Ross a écrit : >> With a redacted audit report, the presumption >> should be that hidden negative information exists that would disqualify >> the certification authority from having its root certificate in the NSS >> database if such information were disclosed. >> >> any redaction would imply the existence of hidden negative >> information that would necessitate removal of the affected root >> certificate from the NSS database if such information were disclosed. > > I think there's miscomprehension here. > > I understand that the CAs are OK with people knowing that some unknown > serial numbers would give status “good”, but not with them knowing the > exact values of the concerned serial numbers, which could be used to > attack the system. Likewise with the 1024-bit certs with validity beyond > 2013, it's useful to know they existed but a different matter to get the > name of the client (in that case, Mozilla could published the number of > certificates concerned). > Or letting people know which accounts exactly didn't have multi-factor > authentication for certificate issuance. > > I understand the redaction not to be about which kind of problem there > was, but about letting specific nominative information be published > about each problem. >
If a certification authority (CA) were concerned that its audit report would be made public without any redaction whatsoever, that CA should operate in a way that ensures nothing in the report would be embarrassing to itself or harmful to its customers. -- David E. Ross The Crimea is Putin's Sudetenland. The Ukraine will be Putin's Czechoslovakia. See <http://www.rossde.com/editorials/edtl_PutinUkraine.html>. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
