On 12/06/2024 02:36, Nick Harper wrote:
> If Trust Expressions does meaningfully change the calculus compared to
> certificate_authorities, it does it in a way that lessens risk. The
> certificate_authorities extension doesn't scale to support the legitimate
> use case of trust negotiation/advertisement that Trust Expressions
> supports, but this problem doesn't exist for certificate_authorities
> advertising a single government CA. In your first example of how
> certificate_authorities differs from Trust Expressions, you've given
> an example of how Trust Expressions is less risky than
> certificate_authorities.

You can't argue that T.E. contains the functionality of
certificate_authorities as a subset, then conclude that having
additional functionalities makes it less risky. You would need to argue
the exact opposite, that T.E. doesn't contain the bad functionalities of
certificate_authorities. The risk associated with abuse of a feature is
not in any way diluted by tacking on good use cases.

> The complexity of deploying certificate_authorities for the government
> CA "risky" use case is much less than it is for Trust Expressions. The
> "risky" use case requires clients advertise the name of the CA, and it
> requires servers to be able to match a name in the
> certificate_authorities extension against one of its multiple
> certificates. This deployment has no machinery with CAs, ACME servers,
> or root programs publishing manifests. When you say
> certificate_authorities doesn't have any of the machinery necessary,
> that's because it doesn't need any such machinery, as Devon explained
> in point 4. In the "risky" use case, Trust Expressions requires the
> government to implement or compel more actions than it would with
> certificate_authorities. Starting with the clients, it would need to
> compel root programs to manage and publish an additional trust store
> manifest (or manage its own trust store manifest and compel
> advertisement of that as part of compelling trust). It would also need
> to have its CA (and the CA's ACME server) support the government trust
> store in its CertificatePropertyList. It looks like there's a lot more
> compulsion involved in this government-forced trust use case when the
> government uses Trust Expressions instead of certificate_authorities.

I wonder what such a trust store manifest would look like... [1] [2].
There's at least one large player out there with a list of CAs ready to
go and all the necessary machinery in place.
[1] https://eidas.ec.europa.eu/efda/tl-browser/#/screen/home
[2] https://eidas.ec.europa.eu/efda/swagger-ui/index.html#/api-browser-controller/getTrustedList
TLS mailing list -- tls@ietf.org