> On Jan 19, 2018, at 7:22 AM, Doug Beattie via dev-security-policy 
> <dev-security-policy@lists.mozilla.org> wrote:
> 
> Many CAs haven’t complied with the Mozilla requirement to list the methods 
> they use (including Google btw), so it’s hard to tell which CAs are using 
> method 10.  Of the CA CPSs I checked, only Symantec has method 10 listed, and 
> with the DigiCert acquisition, it’s not clear if that CPS is still active.  
> We should find out on January 31st who else uses it.
> 
> In the meantime, we should ban anyone from using TLS-SNI as a non-compliant 
> implementation, even outside shared hosting environments.  There could well 
> be other implementations that comply with method 10, so I’m not suggesting we 
> remove that from the BRs yet (those that don’t allow SNI when validating the 
> presence of the random number within the certificate of a TLS handshake are 
> better).
[snip]

> Personally, I think the use of TLS-SNI-01 should be banned immediately, 
> globally (not just by Let’s Encrypt), but without knowing which CAs use it, 
> it’s difficult to enforce.

Doug,

I don’t agree that TLS-SNI-01 should be banned immediately, globally.  Amazon 
does not use TLS-SNI-01 today, so it would not directly impact Amazon 
operations.

I think we need to look back to the Mozilla Root Store Policy.  The relevant 
portions are:

"2.1 CA Operations

prior to issuing certificates, verify certificate requests in a manner that we 
deem acceptable for the stated purpose(s) of the certificates;

2.2 Validation Practices
We consider verification of certificate signing requests to be acceptable if it 
meets or exceeds the following requirements:

For a certificate capable of being used for SSL-enabled servers, the CA must 
ensure that the applicant has registered the domain(s) referenced in the 
certificate or has been authorized by the domain registrant to act on their 
behalf. This must be done using one or more of the 10 methods documented in 
section 3.2.2.4 of version 1.4.1 (and not any other version) of the CA/Browser 
Forum Baseline Requirements. The CA's CP/CPS must clearly specify the 
procedure(s) that the CA employs, and each documented procedure should state 
which subsection of 3.2.2.4 it is complying with. Even if the current version 
of the BRs contains a method 3.2.2.4.11, CAs are not permitted to use this 
method.”

While this clearly does call out that the methods are acceptable, it isn’t a 
results oriented statement.  The BRs also do not have clear results 
requirements for validation methods.

What does Mozilla expect to be verified?  We know the 10 methods allow issuance 
where "the applicant has registered the domain(s) referenced in the certificate 
or has been authorized by the domain registrant to act on their behalf” is not 
true.

I think the next step should be for Mozilla to clearly lay out the requirements 
for CAs and then the validation methods can be compared to see if they meet the 
bar.

Thanks,
Peter
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy