On Tuesday, 6 September 2016 15:11:00 UTC+1, Peter Gutmann wrote:
> Why would a public CA even need cross-certification from other CAs?

Maybe this question has some subtlety to it that I'm missing?

Acceptance into root trust stores is slow. Glacial in some cases. Mozilla has a published process. Microsoft, Apple and Oracle all say basically "email this address with your details" and beyond that all is opaque; other trust stores are worse / slower.

Let's Encrypt was announced in 2014, with its intention from the outset being to operate as a public CA. The ISRG Root (ISRG is the actual 501(c)3 entity behind Let's Encrypt formally) was self-signed in June 2015. In September 2015 they formally applied to all major root trust stores including Mozilla. In October 2015 they received a cross-certification from IdenTrust for Let's Encrypt Authority X1 (and its backup X2) and soon after began "beta" issuance, making real working leaf certificates for the web PKI, obeying the BRs and so on, initially for subscribers who had been pre-vetted and then for the general public.

By June 2016, with all major root trust stores still deliberating (Mozilla publicly, everyone else behind closed doors), Let's Encrypt was one of the biggest issuers on the entire World Wide Web. Officially, they were merely a subCA of IdenTrust as far as every trust store is concerned. In practice they were now bigger than almost all the directly trusted public CAs (Symantec and Comodo are bigger by most measures).

In July 2016 Mozilla signalled that future Firefox versions would add ISRG Root X1 to their trust store. No word yet from any other major trust store. This is not at all unusual.

So, cross signatures are the difference between being able to actually "enter the market" in reasonable time and being stalled out essentially indefinitely.
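The arrangement the post describes, as an added example that is not code from the post or from Let's Encrypt: one "Let's Encrypt Authority X1" key certified twice, once by ISRG Root X1 and once by IdenTrust, so the same leaf chains to whichever root a client happens to trust. It uses Go's standard-library path builder; the subject names are modelled stand-ins, the hostname example.test is constructed, and all keys are generated on the fly.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

func must[T any](v T, err error) T { // any setup error aborts the demo
	if err != nil {
		panic(err)
	}
	return v
}
// issue signs a short-lived certificate for pub; issuer == nil means self-signed; a non-empty dnsName makes a
// server leaf (SAN + serverAuth EKU), otherwise a CA. Key usage bits are left unset, which Go treats as unrestricted.
func issue(cn string, serial int64, dnsName string, pub *ecdsa.PublicKey, issuer *x509.Certificate, issuerKey *ecdsa.PrivateKey) *x509.Certificate {
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, IsCA: dnsName == ""}
	if dnsName != "" {
		t.DNSNames, t.ExtKeyUsage = []string{dnsName}, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	if issuer == nil { issuer = t } // self-signed root: the template is its own parent
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, t, issuer, pub, issuerKey))))
}
// CrossSignDemo: one leaf, served with both X1 certificates, checked against three single-root trust stores.
func CrossSignDemo() map[string]bool {
	key := func() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }
	root := func(cn string, serial int64, k *ecdsa.PrivateKey) *x509.Certificate { return issue(cn, serial, "", &k.PublicKey, nil, k) }
	isrgKey, idtKey, x1Key := key(), key(), key() // modelled ISRG, IdenTrust and Let's Encrypt Authority X1 keys
	isrgRoot, idtRoot := root("ISRG Root X1", 1, isrgKey), root("IdenTrust Root", 2, idtKey)
	x1ByISRG := issue("Let's Encrypt Authority X1", 10, "", &x1Key.PublicKey, isrgRoot, isrgKey) // issued by ISRG
	x1ByIdT := issue("Let's Encrypt Authority X1", 11, "", &x1Key.PublicKey, idtRoot, idtKey)   // cross-signed by IdenTrust
	leaf := issue("example.test", 100, "example.test", &key().PublicKey, x1ByISRG, x1Key)       // constructed hostname
	inter := x509.NewCertPool() // what the server sends alongside the leaf: both X1 certificates
	inter.AddCert(x1ByISRG)
	inter.AddCert(x1ByIdT)
	trusts := func(r *x509.Certificate) bool { // r is the only root in the client's trust store
		store := x509.NewCertPool()
		store.AddCert(r)
		_, err := leaf.Verify(x509.VerifyOptions{Roots: store, Intermediates: inter, DNSName: "example.test"})
		return err == nil
	}
	return map[string]bool{"ISRG only": trusts(isrgRoot), "IdenTrust only": trusts(idtRoot), "unrelated only": trusts(root("Unrelated Root", 3, key()))}
}
```

The path builder picks whichever X1 certificate leads to a root in the store, so a client that knows only IdenTrust and one that knows only ISRG both accept the leaf; a store holding neither rejects it.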