Confirmed users, Administrators
5,526
edits
CA:MaintenanceAndEnforcement: Difference between revisions
→Concerns
m (→Concerns) |
|||
| Line 136: | Line 136: | ||
#* The Certificate Manager displays the Actively Distrusted certificate in the same manner as other certificates, and the trust bits may be manually turned on by users. | #* The Certificate Manager displays the Actively Distrusted certificate in the same manner as other certificates, and the trust bits may be manually turned on by users. | ||
= Concerns = | |||
* Certs with weak RSA keys or insufficient key usage can be used maliciously until we implement {{Bug|360126}} and {{Bug|725351}}. | |||
* If the certificate to be distrusted is cross-signed by another certificate in NSS, then the Serial Number and Issuer for that certificate chain also has to be distrusted. This is error-prone, even if we ask every CA in Mozilla's program if they have cross-signed with the certificate to be distrusted. | * If the certificate to be distrusted is cross-signed by another certificate in NSS, then the Serial Number and Issuer for that certificate chain also has to be distrusted. This is error-prone, even if we ask every CA in Mozilla's program if they have cross-signed with the certificate to be distrusted. | ||
** Possible Scenario: A cross-signing relationship is overlooked, so the malicious certificate continues to be trusted even after the security update. | ** Possible Scenario: A cross-signing relationship is overlooked, so the malicious certificate continues to be trusted even after the security update. | ||