Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-04-09 Thread Matt Palmer via dev-security-policy
On Thu, Apr 09, 2020 at 04:55:51PM +0100, Nick Lamb via dev-security-policy wrote:
> Right-sizing of Bloom filters is an issue, but you only need to get
> ballpark accuracy. If we genuinely aren't sure if there will be a
> thousand or a billion RSA private keys compromised next year then yup
>

Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-04-09 Thread Nick Lamb via dev-security-policy
On Mon, 6 Apr 2020 12:56:02 -0400 Ryan Sleevi via dev-security-policy wrote:
> It's not as easy as saying "use a bloom filter" if a bloom filter
> takes X amount of time to generate.

I've spent a bunch of time up to my neck in bloom filters (they're one of the key components of 4store, a GPL'd

Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-04-06 Thread Matt Palmer via dev-security-policy
On Mon, Apr 06, 2020 at 12:56:02PM -0400, Ryan Sleevi wrote:
> On Mon, Mar 30, 2020 at 5:32 PM Matt Palmer via dev-security-policy
> wrote:
> > Righto, the goals are:
> >
> > * Make it a policy violation for CAs to issue a certificate using a public
> > key they've revoked before.
> >
> > *

Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-04-06 Thread Ryan Sleevi via dev-security-policy
On Mon, Mar 30, 2020 at 5:32 PM Matt Palmer via dev-security-policy wrote:
> Righto, the goals are:
>
> * Make it a policy violation for CAs to issue a certificate using a public
> key they've revoked before.
>
> * Clarify the language around key compromise revocation to make it obvious
>

Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-03-30 Thread Matt Palmer via dev-security-policy
On Mon, Mar 30, 2020 at 10:59:02AM -0400, Ryan Sleevi wrote:
> On Mon, Mar 30, 2020 at 6:28 AM Matt Palmer via dev-security-policy
> wrote:
> It's useful to focus on the goal, rather than the precise language, or
> where you see folks getting confused or misunderstanding things. That
> is,

Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-03-30 Thread Ryan Sleevi via dev-security-policy
Thanks for starting this!

On Mon, Mar 30, 2020 at 6:28 AM Matt Palmer via dev-security-policy wrote:
> If such a modification were deemed appropriate for the BRs, I would suggest
> that the following changes would fit the bill. All sections, etc taken from
> version 1.6.7 of the BRs.

Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-03-30 Thread Matt Palmer via dev-security-policy
In my recent forays into mass-revocation for key compromise, one aspect that was particularly frustrating and unnecessary was having to send revocation requests for new certificates, issued by a CA using a private key which I had previously reported as compromised to that same CA. Once a key is