There are two issues with which I see difficulties here. Firstly, what is the
principle by which they are to be knocked out, and how does that
principle apply to others?
With that in mind, here are some thoughts.
On 8/06/12 01:23 AM, Stephen Schultze wrote:
> Certificate Authorities are subject to the legal jurisdictions in which
> they operate. Trusting a Certificate Authority can, depending on the
> case, imply trust in the rule of law of that jurisdiction.
To amplify this point, many agreements have clauses in them reminding
parties of such responsibilities.
It's probably beyond the scope of a simple email discussion to get a
meaningful grip on how these contracts will play in such a situation -
which is to say that it is not entirely clear that one can conclude
anything easily from them.
> As such, it
> is reasonable to ask how trustworthy the rule of law is in a given CA's
> jurisdiction, and how CA claims to maintain integrity and
> trustworthiness in the face of coercive state actors. This is of course
> one of the premises of a 2010 paper co-authored by Sid Stamm (who is a
> peer in the Mozilla CA Certificates module).
>
> The last time we discussed this issue was in the context of GlobalSign's
> office in China. They assured us that because they hold their key
> materials outside of the country and have non-China-based validation
> checks in place, a coercive state actor would not succeed in compelling
> rogue certificates.
OK, but that likely means they hold their key materials in other places
and other checks are pervertable by other places. So we might validly
ask which place, and what perversions exist there.
> CNNIC can offer no such assurance.
>
> We know from ample evidence previously discussed in this forum that the
> Chinese government surveils its citizens and others without meaningful
> judicial oversight.
Well not quite. The Chinese government has arranged its laws so that
they can do so, within their law. This happens to be their legal process.
This concept happens to be rather unfamiliar and unpopular in other
countries. Specifically, the USA has a tradition of separation of
surveillance - the NSA is "banned" from surveilling its own citizens,
and there are some constitutional protections. But this separation is
less popular elsewhere, in the sense of not being as strong. If I
recall correctly, Russia and France still maintain their rights to spy
on their own citizens, and Britain has its infamous RIP act.
http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000
Which leads to two points, being that I'm not sure you can properly
state that there is no meaningful judicial oversight; more likely you
can state that the judicial oversight is incompatible with the
expectations of some other peoples. Secondly, other countries do the
same. Is this principle to be established and applied to them?
> This constitutes a backdoor on the whole security model described in
> their CPS, and is a threat to Mozilla users.
Well, it's one example of a general backdoor. Not to overstate the
case, but the backdoor has always existed, and it exists for every CA.
In some security schools of thought, the TTP is referred to as a CVP -
centralized vulnerability party - to emphasise the existence of the
backdoor. It is only in commercial PKI that the "backdoor" isn't
formally recognised as a threat, for normal marketing purposes, because
it makes it hard to sell certificates when they can be clearly breached
under legal process.
What we seem to be building here is a claim that CVPs in China are
somehow more vulnerable than those elsewhere. Sure. We just need to
analyse what "more" means.
> Unfortunately, they live and operate in a legal jurisdiction in which
> their best intentions are undermined by the regime that governs them.
What are their best intentions? I would expect them to say that they
are getting SSL out as best they can and they are doing so under limited
and difficult circumstances. I would also say that they are succeeding
in doing that.
Question may reduce to, is the perfect the enemy of the good?
> They are not even allowed by their government to participate directly in
> the approval conversation we are having here.
I think that is no different in effect to most other CAs. Most other
CAs do not expect their people to participate in this forum. Instead,
communications go through one or two designated public voices, and
others are expected to stay out. This is just normal rules of business,
but they are harsh rules. If someone were to speak their mind in this
forum, they could expect to lose their jobs.
Nobody has ever demanded that CAs permit their people to speak freely here
because it is understood that USA CAs in particular wrap their people up
in such overbearing NDAs that they can't reasonably talk even if given a
faux permission. The culture of the NDA is extremely strong, and it is
extremely damaging to this forum; we've just all grown used to it and no
longer notice it.
In sum, I'm not sure this point stands. The current situation is that
other than a few standouts, most CAs communicate through their official
mouthpieces.
> Despite all of their
> technical expertise, CNNIC should not be granted authority to certify
> any domain on the internet.
>
> After all, in their own words, CNNIC "takes orders from the Ministry of
> Information Industry (MII) to conduct daily business."
All businesses take instructions from their owners. It's a bit more
complicated when the business has entered into a contract to do X and
the owner states "do !X". We would need to analyse the contracts
carefully to see whether this statement applies equally to other CAs.
Where this does get interesting is that in the last year we have
discussed the principle that a CA is not permitted to ever do an MITM.
Is there ever an exception to this?
As a strawman, I suggest there is: if done under lawful order of an
appropriate court. I wish it weren't so, and I'd welcome attempts to
deal with this seriously -- but that won't be happening in any
discussion of CNNIC.
iang