CA/B Baseline Requirements


#1

Hi here are often the CA/B rules mentioned. But i think that nobody really rad them.
I am referring to the version https://www.cabforum.org/wp-content/uploads/Baseline_Requirements_V1.pdf
10.3.2Agreement Requirements (Page 18 )

For example under Point 4

Use of Certificate: An obligation and warranty to install the Certificate only on servers that are accessible at the subjectAltName(s) listed in the Certificate,

With this the test page https://cryptoreport.thawte.com/checker/views/sslCheck.jsp would be an break of the contract and could be called illegal. Because the linked https://wronghost.websecurity.symantec.com/ is explicit on an FQDN not mentioned in the SAN.

Or another example

Termination of Use of Certificate: An obligation and warranty to promptly cease all use of the Private Key corresponding to the Public Key included in the Certificate upon revocation of that Certificate for reasons of Key Compromise.

If the key is compromised and the certificate is revoked it mean the key is out of control and how should you take care that he will not be used if he is somehow become public ?

Also for LE the Point 3 is interesting:

Acceptance of Certificate: An obligation and warranty that the Subscriber will review and verify the Certificate contents for accuracy.

This would require that each issued certificate is reviewed after issuing before use. Since LE is proud of the automation how should this be done ?


#2

You agree that you cease all use of the private key when it is revoked. I don’t read this as you having to enforce that no one else does (which, as you state, would be impossible).

I wouldn’t read this as “requires manual review by a human”, specifically. This could be as little as the client checking what you get back is an actual certificate, or verifying the subjectAltNames are correct, or that the correct public key was signed.

This is indeed an interesting point though. Depending on the correct interpretation (which would probably require a lawyer to analyze the language) this might have implications for client development.


#3

Even to agree to cease all use of the private key could become complicated. For example if you have hard coded into firmware code (i know this is stupid as possible). And with the check you are correct it does not require manual check but the question is what the client have to check, or if it is not more in the part of the CA who digital sign that they have to check what they sign? Transferred to real world this would mean if i sign an document not me but the receiver is responsible that the content i signed is correct. And why should the us of the private key be forbidden. More intelligent would be to make an public list of “burned” private key that are expected to be corrupted.
a) By public the signed revocation document.
b) Publish the private key if it got to the public.
Then the original owner should have own interest to stop usage where do not need an contract rule that enforce it.

But the point is that both will effectively deny tast pages that like the one mentioned by me check if the browser does correctly check all points.


#4

Clients are not bound in any way to the CA/B rules.


#5

That specific section lays out some requirements on what the TOS needs to contain to be compliant, so I’m guessing while you’re technically correct, those things are probably part of the agreement between you and Let’s Encrypt (without having actually verified this myself).


#6

No CA can enforce this.

That’s not a good idea at all. Even if compromised, a private key should stay as private as possible.


#7

Sure, but LE would have to update their ToS first, I don’t think there’s something like that in there currently.


#8

Most of the things @tlussnig brought up are included. I couldn’t find anything that perfectly matched point 4, although there is some language about having to revoke if you were to lose control over your domain (which is similar, I guess).

3.5 Inspection and Acceptance of Certificates
You agree to immediately inspect the contents of Your Certificate (“Initial Inspection”), and to
immediately request revocation if you become aware of any inaccuracies, errors, defects, or other
problems (collectively, “Certificate Problems”) with Your Certificate. Your ACME Client Software
may perform this task for You. You agree that You will have accepted Your Certificate when You
first use Your Certificate or the corresponding Private Key after obtaining Your Certificate, or if You
fail to request revocation of Your Certificate immediately following Initial Inspection.
[…]
3.8 When to Cease Using Your Certificate
You must immediately cease using Your Certificate if: (i) You suspect or discover that the Private Key
corresponding to Your Certificate has been or may be stolen, lost, or otherwise compromised or subjected
to unauthorized use, (ii) any information in Your Certificate is no longer accurate, current or complete, or
any such information becomes misleading, or (iii) upon the revocation or expiration of Your Certificate.


#9

Point 3.1 : You warrant that You rightfully hold the Private Key corresponding to the Public Key listed in Your Certificate.

How should someone hold not rightfully the private key? Till know i thought you can only request an cert not rightfully for and NAME you did not own or have no permission to use.

Point 3.5 Inspection and Acceptance of Certificates

So also on the LE you have to check the certificate

Point 3.7 “You should also notify anyone who may have relied upon Your use of Your Certificate that Your encrypted communications may have been subject to compromise”

This information policy i think is unexpected.

Point 3.8 " or (iii) upon the revocation"

This specifically is interesting that you have to stop usage if it is revoked independet by whom. This for example happened already by LE without issuer request (CCA record problem). Also this deny an page that test if browser correctly check revocation information.


#10

So if i would be bad i can say no one really know what TOS he have been agreed. :smiling_imp:


#11

It does say “Your ACME Client Software may perform this task for You.” later on.


#12

Neither it say the official one nor in the current version. So at the end it still is on your part.