On Mon, May 22, 2017 at 12:21 PM, Ryan Sleevi via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:

> Consider, on one extreme, if every one of the Top 10000 sites used TCSCs to
> issue their leaves. A policy, such as deprecating SHA-1, would be
> substantially harder, as now there's a communication overhead of O(10000 +
> every root CA) rather than O(# of root store CAs).
Why do you need to add 10,000 communication points? A TCSC is, by definition, a subordinate CA. The WebPKI is not a single PKI; it is a set of parallel PKIs which do not share a common anchor. The browser to CA relationship is between the browser vendor and each root CA. This is O(root CA operator), not even O(every root CA). If a root CA issues 10,000 subordinate CAs, then they had better have a compliance plan in place to have assurance that all of them will do the necessary things.

> It may be that the benefits of TCSCs are worth such risk - after all, the
> Web Platform and the evolution of its related specs (URL, Fetch, HTML)
> deals with this problem routinely. But it's also worth noting the
> incredible difficulty and friction of deprecating insecure, dangerous APIs
> - and the difficulty in SHA-1 (or commonNames) for "enterprise" PKIs - and
> as such, may represent a significant slowdown in progress, and a
> corresponding significant increase in user-exposed risk.
>
> This is why it may be more useful to take a principled approach, and to, on
> a case by case basis, evaluate the risk of reducing requirements for TCSCs
> (which are already required to abide by the BRs, and simply exempted from
> auditing requirements - and this is independent of any Mozilla
> dispensations), both in the short-term and in the "If every site used this"
> long-term.

It seems this discussion is painting TCSCs with a broad brush. I don't see anything in this discussion that makes the TCSC relationship any different from any other subordinate CA. Both can be operated either by the same organization that operates the root CA or by an unrelated organization. The Apple and Google subordinate CAs are clearly not TCSCs but raise the same concerns. If there were 10,000 subordinates all with WebTrust audits, you would have the exact same problem.
Thanks,
Peter

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy