Raymond Forbes <rfor...@mozilla.com> wrote:
> Hello,
> 
> We are in the process of defining and reviewing the process we use for
> generating and revoking receipts.  This is a complicated process that
> involves signing with a Hardware Security Module.  Please take a look
> at the spec that we have so far and give any feedback you have.  I
> have included the architect of the spec and the developers who are
> responsible for implementing it, in case you have any questions.  Let's have a
> discussion on how we can make this as secure as possible.
> 
> I will keep the wiki updated from this discussion.
> 
> https://wiki.mozilla.org/Apps/WebApplicationReceipt/GenerationService
> 
> thanks!
> -Raymond

Hi,
If I'd been asked to design something like this, I think I'd have tried a
mechanism where the signing nodes locally generate a key and CSR daily and
get the root node to sign it. Whereas this design seems to generate daily
keys centrally then distribute them.

Assuming I've understood correctly, and just as a lesson in security
design, I'm intrigued if there's an obvious problem with my approach, or a
particular benefit to this design? (security, ease of implementation,
operationally?)

Off the top of my head, both have difficulties identifying the nodes: either
which nodes to allow to request a key signing, or which nodes to distribute to.

Cheers,
David
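The CSR-based alternative described in the reply above, as an added Go example that is not part of the thread or of Mozilla's receipt service: each signing node generates its own key and CSR, the root node checks the CSR's proof of possession and issues a certificate that expires after a day, and a verifier accepts the node's certificate only while it chains to the root and is inside that window. Node name, serial numbers and validity periods are constructed demo values, and the open question of which nodes are authorised to request a signing is deliberately left unsolved.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// NewRoot builds the root node's self-signed CA (constructed demo values): the scheme's only long-lived key, the one that belongs in the HSM.
func NewRoot() (ed25519.PrivateKey, *x509.Certificate, error) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "receipt-root"}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(365 * 24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
	if err != nil { return nil, nil, err }
	cert, err := x509.ParseCertificate(der)
	return key, cert, err
}

// NewNodeCSR runs on a signing node: the day's key is generated locally and never leaves it; only the CSR (public key plus proof of possession) travels to the root.
func NewNodeCSR(name string) (ed25519.PrivateKey, []byte, error) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	csr, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: pkix.Name{CommonName: name}}, key)
	return key, csr, err
}

// IssueDaily runs on the root: a CSR whose self-signature fails is rejected (the requester must hold the key) and the certificate
// expires after 24 hours, so a leaked node key is only useful until the next rotation. Which nodes may ask at all is not decided here.
func IssueDaily(rootKey ed25519.PrivateKey, rootCert *x509.Certificate, csrDER []byte, serial int64) ([]byte, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil { return nil, err }
	if err := csr.CheckSignature(); err != nil { return nil, err }
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: csr.Subject, KeyUsage: x509.KeyUsageDigitalSignature,
		NotBefore: time.Now().Add(-5 * time.Minute), NotAfter: time.Now().Add(24 * time.Hour)}
	return x509.CreateCertificate(rand.Reader, tmpl, rootCert, csr.PublicKey, rootKey)
}

// VerifyNodeCert is the receipt verifier's check at time at: the daily certificate must chain to the root and still be inside its one-day window.
func VerifyNodeCert(certDER []byte, root *x509.Certificate, at time.Time) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil { return err }
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err = cert.Verify(x509.VerifyOptions{Roots: pool, CurrentTime: at, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err
}
```

Because the node's private key never leaves the node, the root only ever needs an inbound channel for CSRs and an outbound one for certificates, which is the operational difference from shipping centrally generated keys outward.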
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security