On Sun, Dec 04, 2011 at 07:37:01AM +0100, Ondrej Mikle wrote:
> The issuing frequency might be a good lead for setting DOS-protection limit of
> allowed protocol changes per time unit in Sovereign Keys implementation
> (original draft had 5 changes per month, IIRC).

Note that in the current Sovereign Keys draft design doc, changes to the
operational keys on a webserver would not require any writing to the SK
timeline. So long as each new operational key/X.509 chain was cross-signed by
the Sovereign Key, it would work. The only time you write to the timeline is
if you need to revoke or renew the offline Sovereign Key, or change what
protocols (HTTP, SMTP, POP, IMAP, XMPP, etc.) it is active for.

A somewhat relevant aside: the cross-signatures would be embedded in their own
extraneous X.509 certs, so the Sovereign Key operator could choose what, if any,
revocation mechanisms they wanted to use for their operational keys (OCSP,
CRLs, short-lived cross signatures, or null).

>
> One additional consideration for "pinning cert protocols" (DANE, Sovereign Keys,
> Auditable CAs, ...) is that such a frequent change must reflect fast to relying
> clients. Shouldn't be really a problem, just a point to note.
>

--
Peter Eckersley [email protected]
Technology Projects Director Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
