On Tue, Aug 15, 2017 at 8:31 AM, Gervase Markham via dev-security-policy <
dev-secur...@lists.mozilla.org> wrote:
> On 01/08/17 09:21, userwithuid wrote:
> > In this context @Mozilla: Those additional distrust entries are
> > coming from NSS, but they are all pre-OneCRL afaics. Is this
> > coincidence (= there wasn't any "high-profile" enough distrust
> > warranting nss addition) or has the certdata-based distrust been
> > entirely obsoleted by OneCRL (= there will never be any new distrust
> > entries in certdata)?
>
> OneCRL does not obsolete certdata.txt-based distrust because not
> everyone checks OneCRL. While we can't add every cert in OneCRL to
> certdata.txt, we should add the big dis-trusts to it. Do you think
> there's anything missing?
>
Note: adding to certdata.txt, at present, will have various undesirable
side-effects:
- Distrust records, without associated certs, can present UI issues when
viewing and editing (which is why the associated certs are included in
certdata.txt)
- Distrust records, without associated certs, create issues for various
tools consuming certdata.txt
- Distrust records, _with_ associated certs, can present UI issues when
viewing and editing (yes, it's a no-win, and that's the point)
- Distrust records, _with_ associated certs, can present new challenges for
distributions that patch (failing to include a new root = things don't work
that should; failing to distrust an old certificate = things that shouldn't
work, do)
Could you indicate what you believe 'big' distrusts are versus 'little'
distrusts? Are we talking root vs subordinate CA? Something else?
Given that distrusting a certificate (whether because the CA requested it, such
as on a cessation of operations, or because it was imposed, such as after a
compromise) presents path building risks and challenges, the current approach
of placing it within OneCRL minimizes the risk to certdata.txt consumers, which
are fairly consistently poorly suited for path discovery, and generally only
possess limited path validation capabilities. That is, introducing distrust
records could 'break' legitimate chains, given the common path "building"
implementation, which is why it's useful to keep them separate.
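As an added example (not code from this thread, and not NSS's own tooling), the
check below parses objects in the certdata.txt attribute syntax, pairs each
CKO_NSS_TRUST record with a CKO_CERTIFICATE object by CKA_ISSUER plus
CKA_SERIAL_NUMBER (the two attributes both object types carry), and flags
distrust records (CKT_NSS_NOT_TRUSTED) that ship without a certificate object,
which is the case the reply above says trips up certdata.txt consumers. The
input is a constructed snippet: the issuer blobs are hand-built DER for
CN=Root, the CKA_VALUE blob is a placeholder rather than a real certificate,
and the labels and function names are mine.

```python
import re

# Constructed certdata.txt-style sample (issuer = hand-built DER for CN=Root,
# CKA_VALUE = placeholder bytes, not a real certificate): one trusted root with
# its certificate object, and one explicit distrust record with no certificate.
SAMPLE_CERTDATA = r'''
# Certificate "Example Root CA"
CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
CKA_LABEL UTF8 "Example Root CA"
CKA_ISSUER MULTILINE_OCTAL
\060\017\061\015\060\013\006\003\125\004\003\023\004\122\157\157\164
END
CKA_SERIAL_NUMBER MULTILINE_OCTAL
\002\001\001
END
CKA_VALUE MULTILINE_OCTAL
\060\202\001\000\060\201\351\240\003\002\001\002
END
# Trust for "Example Root CA"
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
CKA_LABEL UTF8 "Example Root CA"
CKA_ISSUER MULTILINE_OCTAL
\060\017\061\015\060\013\006\003\125\004\003\023\004\122\157\157\164
END
CKA_SERIAL_NUMBER MULTILINE_OCTAL
\002\001\001
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
# Trust for "Explicitly Distrust Orphan CA" (distrust record, no certificate)
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
CKA_LABEL UTF8 "Explicitly Distrust Orphan CA"
CKA_ISSUER MULTILINE_OCTAL
\060\017\061\015\060\013\006\003\125\004\003\023\004\122\157\157\164
END
CKA_SERIAL_NUMBER MULTILINE_OCTAL
\002\002\020\001
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
'''

TRUST_ATTRS = ("CKA_TRUST_SERVER_AUTH", "CKA_TRUST_EMAIL_PROTECTION",
               "CKA_TRUST_CODE_SIGNING")


def parse_certdata(text):
    """Return objects (dicts of CKA_* attributes) in file order; each starts at CKA_CLASS."""
    objects, cur, lines, i = [], None, text.splitlines(), 0
    while i < len(lines):
        line = lines[i].strip()
        i += 1
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 2)
        if len(parts) < 2:          # bare keywords such as BEGINDATA
            continue
        name, typ = parts[0], parts[1]
        if name == "CKA_CLASS":
            cur = {}
            objects.append(cur)
        if cur is None:             # attribute before any CKA_CLASS: ignore
            continue
        if typ == "MULTILINE_OCTAL":   # \ooo escapes up to a bare END line
            buf = []
            while i < len(lines) and lines[i].strip() != "END":
                buf.append(lines[i].strip())
                i += 1
            i += 1                  # consume END
            cur[name] = bytes(int(o, 8) for o in re.findall(r"\\([0-7]{3})", "".join(buf)))
        elif typ == "UTF8":
            cur[name] = parts[2].strip().strip('"')
        else:                       # CK_TRUST / CK_BBOOL / class tokens kept verbatim
            cur[name] = parts[2].strip() if len(parts) > 2 else ""
    return objects


def audit_trust_records(text):
    """Map trust-record label -> per-purpose CKT value, whether a cert object
    with the same issuer+serial exists, and whether any purpose is NOT_TRUSTED."""
    objs = parse_certdata(text)
    cert_keys = {(o.get("CKA_ISSUER"), o.get("CKA_SERIAL_NUMBER"))
                 for o in objs if o.get("CKA_CLASS") == "CKO_CERTIFICATE"}
    report = {}
    for o in objs:
        if o.get("CKA_CLASS") != "CKO_NSS_TRUST":
            continue
        purposes = {a: o.get(a, "CKT_NSS_MUST_VERIFY_TRUST") for a in TRUST_ATTRS}
        report[o.get("CKA_LABEL", "?")] = {
            "purposes": purposes,
            "has_cert": (o.get("CKA_ISSUER"), o.get("CKA_SERIAL_NUMBER")) in cert_keys,
            "distrusted": "CKT_NSS_NOT_TRUSTED" in purposes.values(),
        }
    return report


def orphan_distrusts(text):
    """Labels of distrust records shipped without their certificate object."""
    return sorted(label for label, r in audit_trust_records(text).items()
                  if r["distrusted"] and not r["has_cert"])
```

Run it against a real certdata.txt with
`orphan_distrusts(open(path).read())`; objects of other classes (the
CKO_NSS_BUILTIN_ROOT_LIST header object, for instance) and attributes such as
CKA_CERT_SHA1_HASH are parsed and simply ignored by the audit. A consumer that
builds its bundle only from CKO_CERTIFICATE objects never sees anything this
function lists, which is the silent failure the reply warns about.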