Nick,
   We do exactly that for some device producers already.

Robin Alden, Comodo. (Sent from my phone)

---- Nick Lamb via dev-security-policy wrote ----

>On Monday, 19 June 2017 09:32:20 UTC+1, troy.f...@cisco.com wrote:
>> The compromised certificate for drmlocal.cisco.com serial number
>> 6170CE2EC8B7D88B4E2EB732E738FE3A67CF672 has been revoked. A new certificate
>> is being reissued to drmlocal.cisco.com and we will work with the developers
>> of the YES video player to ensure that the issue does not happen again.
>
>Troy, the name makes me suspicious, what - other than this trick which isn't a 
>permissible use - was the drmlocal.cisco.com name ever for in the first place? 
>If it doesn't have any legitimate use, there was no purpose in seeking a 
>re-issue of the certificate.
>
>The right way to approach this problem will be to issue unique keys and 
>certificates to individual instances of the system, this both satisfies the 
>BRs and (which is why) achieves the actual security goal of partitioning each 
>customer so that they can't MitM each other.
>
>It is a little surprising to me that (at least so far as I know) no 
>manufacturer has an arrangement with a CA to issue them large volumes of 
>per-device certificates in this way. I expect that Comodo (to name one which 
>definitely has business issuing very large volumes) would be able to 
>accommodate a deal to issue say, a million certificates per year with an 
>agreed suffix (say, .nowtv.cisco.com) for a fixed fee. The first time it's 
>attempted there would be some engineering work to be done in production and 
>software for the system, but nothing truly novel and that work is re-usable 
>for future products.
>_______________________________________________
>dev-security-policy mailing list
>dev-security-policy@lists.mozilla.org
>https://lists.mozilla.org/listinfo/dev-security-policy
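The per-device scheme Nick describes, as an added worked example (this is not code from the thread, from Cisco or from Comodo): each unit generates its own key and a CSR for one name under an agreed suffix, the CA issues only for the name it has authenticated for that unit, and the relying-party check shows that device A's certificate does not validate for device B's name. The suffix .nowtv.cisco.com is Nick's hypothetical, the device IDs are constructed, and the CA is a local self-signed root so the program runs offline with the Go standard library only.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

const deviceSuffix = ".nowtv.cisco.com" // the thread's hypothetical suffix; an assumption here
var lastSerial int64                    // toy counter; a real CA uses at least 64 bits of CSPRNG output per serial
func nextSerial() *big.Int { lastSerial++; return big.NewInt(lastSerial) }

type toyCA struct { // local self-signed root standing in for the public CA, so this runs offline
	key  *ecdsa.PrivateKey
	cert *x509.Certificate
	pool *x509.CertPool
}

func sign(tmpl, parent *x509.Certificate, pub interface{}, priv *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func newToyCA() (*toyCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          nextSerial(),
		Subject:               pkix.Name{CommonName: "toy device CA"},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	cert, err := sign(tmpl, tmpl, &key.PublicKey, key) // parent == template: self-signed
	if err != nil {
		return nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(cert)
	return &toyCA{key: key, cert: cert, pool: pool}, nil
}

// newDeviceCSR runs on the device or at provisioning: a fresh key per unit, and a CSR for that unit only.
func newDeviceCSR(deviceID string) (*ecdsa.PrivateKey, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	name := deviceID + deviceSuffix
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: name}, DNSNames: []string{name}}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	return key, der, err
}

// issue runs at the CA; deviceID is the identity it already authenticated out of band, so the CSR may ask for that one name only.
func (ca *toyCA) issue(csrDER []byte, deviceID string) (*x509.Certificate, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	if err := csr.CheckSignature(); err != nil { // proof of possession of the private key
		return nil, err
	}
	want := deviceID + deviceSuffix
	if len(csr.DNSNames) != 1 || csr.DNSNames[0] != want || len(csr.IPAddresses)+len(csr.EmailAddresses)+len(csr.URIs) != 0 {
		return nil, fmt.Errorf("CSR asks for names other than %s", want)
	}
	tmpl := &x509.Certificate{
		SerialNumber: nextSerial(),
		DNSNames:     []string{want},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(24 * time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	return sign(tmpl, ca.cert, csr.PublicKey, ca.key)
}

func (ca *toyCA) validFor(cert *x509.Certificate, host string) bool { // relying party's check
	_, err := cert.Verify(x509.VerifyOptions{DNSName: host, Roots: ca.pool})
	return err == nil
}

func main() {
	ca, _ := newToyCA()
	_, csr, _ := newDeviceCSR("dev-0001") // constructed device ID; any failure surfaces as an error from issue
	cert, err := ca.issue(csr, "dev-0001")
	fmt.Println(err, ca.validFor(cert, "dev-0001"+deviceSuffix), ca.validFor(cert, "dev-0002"+deviceSuffix))
}
```

Run it with `go run`; it prints the issuance error (nil), then true for the device's own name and false for another device's name. The part that serves both the BRs and Nick's partitioning goal is in issue: the CA binds the name to an identity it verified outside the CSR, and refuses any other DNS, IP, e-mail or URI name, so a key extracted from one unit is only ever good for that unit's name. A key shared across customers is what lets them MitM each other.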