Boris, this is an excellent idea - essentially, applying `name restrictions` but in the browser itself (and maybe you can even use the `name restriction` mechanism to implement this easily and cleanly).
Other thing you can do is to that browser will remember which CA(s) signed with cert and note any new CA; once detecting new CA you can have browser contact a special Mozilla-run server which know all legitimate mappings (at least, for domains wishing such protection). BTW, in my `TrustBar` FF extension (part of research on usable secure login mechnisms for browsers), we tried to address (also) this threat by including CA name in the display to users, this aspect of TrustBar, as others, was adopted (with minor changes) by most browsers, i.e. displaying the `identified by` information. But this isn't really that useful, i.e., our research found users do not notice this signal. I'm also quite sure most users will also ignore an active warning (i.e., one requiring them to approve using cert from new ca). Amir Herzberg On Tue, Aug 30, 2011 at 7:46 PM, Boris Zbarsky <bzbar...@mit.edu> wrote: > I was looking at our CA root list, and a lot of them seem like "specialist" > CAs that would only issue certs for a limited range of hostnames. Could we > formalize this, and have CAs indicate any such restrictions as part of their > application, then enforce it on our end? That would limit the extent to > which a compromise of one of these "specialist" CAs could be exploited (e.g. > we'd notice that a Dutch CA is being used to sign the Mossad's website and > cry foul, without pre-pinning the CA for the presumably rarely visited > Mossad site). If one of the big CAs that issue certs all over were > compromised there would still be a problem of course, but we could > conceivably demand more diligence in terms of being added to our cert store > from CAs that want to issue certs to everyone .... and even if we don't we > might trust some them more than the specialist CAs to start with. > > Has this been considered before? Is my assumption that a lot of the CAs in > our trust list would only issue to a small subset of possible hostnames > accurate? If so, is doing what I propose above feasible and worthwhile? > > Other than the above and CA pinning for particular sites, any other ideas > on how we can mitigate the scope of problems like this in the future? > > -Boris > ______________________________**_________________ > dev-security mailing list > dev-security@lists.mozilla.org > https://lists.mozilla.org/**listinfo/dev-security<https://lists.mozilla.org/listinfo/dev-security> > > -- Amir Herzberg Associate Professor, Dept. of Computer Science Bar Ilan University http://AmirHerzberg.com _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
