On 07/10/2016 19:25, Andrew Ayer wrote:
On Fri, 7 Oct 2016 12:12:58 +0100
Gervase Markham <g...@mozilla.org> wrote:

* WoSign and StartCom are to be legally separated, with the corporate
structure changed such that Qihoo 360 owns them both individually,
rather than WoSign owning StartCom.

* There will be personnel changes:

 - StartCom's chairman will be Xiaosheng Tan (Chief Security Officer
   of Qihoo 360).
 - StartCom's CEO will be Inigo Barreira (formerly GM of StartCom
   Europe).
 - Richard Wang will be relieved of his duties as CEO of WoSign and
   other responsibilities. It is not decided who will replace him.

* StartCom will soon provide a plan on how they will separate their
operations and technology from that of WoSign.

* In the light of these changes, Qihoo 360 request that WoSign and
StartCom be considered separately.

Mozilla is minded to agree that it is reasonable to at least consider
the two companies separately

Consider the following hypothetical: Honest Achmed's Used Cars and
Certificates operates two roots, Honest Achmed Root A and Honest Achmed
Root B.  The two roots share much of the same infrastructure, and over
the same period of time, both roots have serious incidents, including
Honest Achmed himself approving the backdating of SHA-1 certificates
under both roots.

After the incidents come to light, Honest Achmed's majority owner,
Uncle Mehmet, fires Honest Achmed and places Root A and Root B under
the control of two separate companies.  He asks that Mozilla consider
the fate of Root A and Root B separately.

That seems like a very unreasonable request to me - a mismanaged CA
shouldn't be able to save some of their roots by spinning them off into
a separate company after they're caught.  How is WoSign/StartCom
different?  It doesn't matter that at one point in the past WoSign and
StartCom were separate companies.  During the time that the incidents
occurred, StartCom and WoSign were for all intents and purposes the
same company, one wholly owned by the other, both managed by the same
disgraced CEO, and sharing significant infrastructure.  They should
therefore be treated as the same company when responding to these
incidents.

Any restructuring and personnel changes at this point could influence
Mozilla's future consideration of StartCom and WoSign (e.g. during root
inclusion requests) but it cannot change the past and therefore should
not alter how Mozilla responds to what happened in the past.


I would say that it is only natural, when Mozilla or other root
programs act a bit like an enforcement court, that the root programs
consider the same kinds of "soft" circumstances that a regular court
would consider when measuring out punishments.

While it is probably too late at this hour (it is already Saturday in
China, it is already Sabbath in Israel (sunset), and it is late Friday
night on the British Isles), some things that could potentially be
added to increase the justification of treating a reborn B better than
A might be (I have absolutely no decision power in this, just arguing
in general):

- Something that involves a significant economic cost to Uncle Mehmet,
 thus providing a strong economic disincentive to other CA owners that
 might want to participate in a race to the bottom.  Each of the
 following suggestions would involve at least some such cost.

- Removing ownership of B from the organization that owned it during
 its bad year, just in case someone higher up was complicit in ways
 other than trusting Nephew Honest Achmed.  For example this could
 involve selling B at a significant loss.

- A promise that the new / rebooted leaders of B will, before a
 specified date, and at B's or Mehmet's cost, go through the
 records from when they first started talking to Achmed until the
 reform, looking for mis-issued certificates and/or any way in which
 Achmed could have issued certificates not on their records (for
 example, were Achmed or his minions given access to the private key or
 to some other way of signing certificates outside the control of the
 HSM?  Did the HSM ever stop counting issued certificates such that the
 number of issued certificates is no longer provable?  Did the HSM ever
 issue certificates that can neither be found nor revoked due to an
 unknown serial number, for example?).

- A promise that before another specified date, an outside auditor
 chosen by no one from the A/B/M family will do the same checks as
 above, and be paid a specified fee for doing so.

- A promise that new B roots will be spun up and all genuine
 certificates reissued at B's or Mehmet's cost before a specified date,
 such that 1 month after that date, all the old B roots can be
 distrusted.

- A condition that B issues no certificates for the next 15 months,
 maintaining a perfect record of functional revocation services during
 that time, only then being allowed to reenter with new root keys.
 This may or may not be combined with permission to let another
 (independent, well-established) CA run the B brand as seen by
 subscribers, with all vetting and security handled by that independent
 CA, but with a contractual condition that said independent CA is not
 allowed to actively steal customers over to its own brand unless B
 closes permanently or is refused reentry to the root programs.  Thus B
 would lose 15 months of income while keeping up significant
 operational costs just for the hope of maybe getting readmitted.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy