Jean-Marc Desperrier wrote:I don't expect this crl will get large. If signed spyware extension don't work, attackers will very fast give up and try something else.
You do realise how much work/effort this will entail, and in effect will turn MoFo into a make shift CA, as they'd have to start vetting everyone that wants a code signing certificate, and all the fun that goes with it...
As Ian repeatedly told us, if you base the security on the fact you properly vetted the requestor, you will soon be confronted with the fact it's not so difficult or expensive to fake an identity.
So, this is not what the security will be based on, and we don't need a sophisticated identification mecanism.
But yes this is a part that needs to be refined to be effective.
The most important is not that the signer proves who he is, but that he proves that he has a valid usage for an extension signing certificate.
So maybe the rule could be that the requesters must first create his extension, make it available in an unsigned state where only advanced users can test it, and then make a request to get a signature certificate to diffuse it. It will be approved only after a community feedback confirms it's a useful extension.
This could be seen as similar to the way one can get extended rights on bugzilla.mozilla.org.
The limit I see with that model is what if a commercial usage for extensions begins where the extension will only be available to paying users ? But there could be for that case an alternative option of getting the extension reviewed by some selected people without being publicly available.
This model could be pushed even a little further, the developers could not actually own the signature key, but have to deposit new version of their extension to an automated signature system. This would garantee it's impossible to hide the content you have signed, and impossible to win time until the bad purposes you use your certificate for are discovered.
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
