Dear DSP participants, Recently at the IETF a novel compression scheme for certificates was put forward. This compression scheme depends on a dictionary based on all CA certificates and intermediates. The presence of many small CAs expands this dictionary, and the benefit of small CAs is small.
Small CAs have other costs: they are unlikely to have the resources to comply with more intrusive security measures or staff that can execute the tasks required when these measures fail. Meanwhile they have the same capacity to damage the security of the webPKI as much more well resourced ones. At the same time todays small CA is tomorrow's giant and refuge should we need to distrust a big CA. I'd like to propose that any CA that has existed for five or more years whose annual issuance volume is under 2,000 EE certs be distrusted. To avoid injuring subscribers this distrust is "mild": all existing issued certs are fine, and the entity can handle all but the BR validation for specified intermediate of a bigger CA. This prevents the user community of the CA from being left high and dry. I haven't counted how many would be affected. For clarity I think this should only be for TLS server auth mainly because that's the highest risk kind of CA. I realize this is an inevitably controversial proposal, (I called it a can of worms at the mic) but the guidelines already ask for a balancing task between the value to users and the risk posed by a CA. I don't think we should be afraid to put some numbers on. Sincerely, Watson Ladd -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/a93695d0-d3a0-45a8-af55-7cbe0a81fd8dn%40mozilla.org.