For a long time, I've argued we need leaf certificates to be double signable. That way there can be two chains of trust for a website. Then dropping a CA doesn't matter much, since all serious parties should have multiply signed paths to various roots of trust. Hence we solve the problem of CAs becoming to big to fail.
The current way cross-signing works is almost an accident, and only works for intermediate certificates. Because the 'signing cert' is looked up by name. An intermediate cert can be published twice with the same name, same key, but different signatures and signing cert. Hence doing this for a leaf certificate would mean 'just get two certificates'.
I see what you meant--having two for redundancy--but I was much more excited by the idea of having two where both had to be valid, as getting two organizations to issue you a bogus certificate is going to be a hell of a lot harder than getting one (not impossible, but often an entirely different kind of attack). Maybe we require three and at least two have to be valid, providing the benefits of both angles? ;P
I never find this kind of stuff funny... it's more snark than humor. It's also got a weird racial tinge on the tiresome trope of a somewhat distrustful middle eastern laborer, which makes it gross.
I remember around the time of the diginotar horrors looking at DANE and DNSSEC. As I understand it, DANE still isn't supported by browsers, and DNSSEC is still in a pitiful state.
DANE is even worse than the CAs in this regard. Nobody trusts the CAs, so they all have to record all their issuances in a transparency log. If a CA misissues, the browsers will kill it (as has happened with some of the largest CAs). There's no way to revoke a misissued DNSSEC signature and there's no transparency log for DNSSEC, nor will there ever be, because the browsers can't force DNS registries to implement it the way they could force CAs.
DANE is a great idea in theory, botched by a bad practical implementation and low deployment (how much of that is related to the influence of the CA mafia is left as an exercise to the reader). There is some hope for the future:
https://www.sidn.nl/en/news-and-blogs/new-opportunity-for-da...
rocqua|2 years ago
The current way cross-signing works is almost an accident, and only works for intermediate certificates. Because the 'signing cert' is looked up by name. An intermediate cert can be published twice with the same name, same key, but different signatures and signing cert. Hence doing this for a leaf certificate would mean 'just get two certificates'.
saurik|2 years ago
voz_|2 years ago
antonvs|2 years ago
Dalewyn|2 years ago
vcuto|2 years ago
[deleted]
hkt|2 years ago
I remember around the time of the diginotar horrors looking at DANE and DNSSEC. As I understand it, DANE still isn't supported by browsers, and DNSSEC is still in a pitiful state.
tptacek|2 years ago
cornholio|2 years ago
phnofive|2 years ago
https://news.ycombinator.com/item?id=2463762
jwilk|2 years ago
Also:
2016: https://news.ycombinator.com/item?id=10839315 (68 comments)
2017: https://news.ycombinator.com/item?id=15838324 (10 comments)
userbinator|2 years ago
12 years ago, that meant something different.
ThePhysicist|2 years ago
justsomehnguy|2 years ago
So if it was Honest John you would be okay with that?
> Do we want such content here (I'd say no)?
You have 'flag' and 'downvote' buttons for this.
kimi|2 years ago
vcuto|2 years ago
[deleted]
awestroke|2 years ago
labster|2 years ago
biorach|2 years ago
awestroke|2 years ago
suction|2 years ago
[deleted]