Comment 172 for bug 232340

In , Paul Bryan (pbryan) wrote :

According to the CAcert web site [1], the root key is stored on a root store server. While the server has employed various methods to avoid external compromise, it seems to fail to address a significant flaw in its trust model. Namely, the integrity of the trust model for CAcert.org relies on trusting those who manage this server, and most especially, those who have both physical access to the server and have the password.

In my opinion, it is unacceptable to have the trust model of a root certificate rely on any single individual (or group of individuals with full access) to manage a root certificate private key. It probably goes without saying here that in a PKI, a breach of the root private key is a catastrophic, unrecoverable, systemic breach of security for those who rely on it.

I strongly urge Mozilla to consider very carefully the consequences of accepting a root certificate, where the trust model relies on an individual not to abuse access to the root private key, without any apparent checks and balances in place to mitigate such unadulterated access.

[1] CAcert Root Protection
http://www.cacert.org/help.php?id=7

Please do not hesitate to contact me personally to discuss this matter in more detail.