[cabfpub] On the use of misuse - and the necessity to remove it
sleevi at google.com
Thu Jun 7 05:40:16 MST 2018
During the discussion at the CA/Browser Forum F2F, there was some confusion
about the term "misuse", and no clear definition emerged that would provide
The Baseline Requirements has the following to say regarding "misuse"
relating to Subscriber certificates:
Section 1.6.1 ( Definitions )
Certificate Problem Report: Complaint of suspected Key Compromise,
Certificate misuse, or other types of fraud, compromise, misuse, or
inappropriate conduct related to Certificates.
Section 220.127.116.11 ( Reasons for Revoking a Subscriber Certificate )
The CA SHALL revoke a Certificate within 24 hours if one or more of the
4. The CA obtains evidence that the Certificate was misused;
Section 4.9.3 ( Procedure for Revocation Request )
The CA SHALL provide Subscribers, Relying Parties, Application Software
Suppliers, and other third parties with clear instructions for reporting
suspected Private Key Compromise, Certificate misuse, or other types of
fraud, compromise, misuse, inappropriate conduct, or any other matter
related to Certificates. The CA SHALL publicly disclose the instructions
through a readily accessible online means.
Section 9.6.3 ( Subscriber Representations and Warranties )
5. Reporting and Revocation: An obligation and warranty to: (a) promptly
request revocation of the Certificate, and cease using it and its
associated Private Key, if there is any actual or suspected misuse or
compromise of the Subscriber’s Private Key associated with the Public Key
included in the Certificate, and (b) promptly request revocation of the
Certificate, and cease using it, if any information in the Certificate is
or becomes incorrect or inaccurate.
7. Responsiveness: An obligation to respond to the CA’s instructions
concerning Key Compromise or Certificate misuse within a specified time
In each of these, "misuse" is undefined, and thus ambiguous and
unenforceable on a consistent and interoperable definition.
We heard several possible definitions advanced, on the basis of discussion
1) There is no definition, it is redundant.
2) There is a definition, and it's already captured in 18.104.22.168 (5) -
namely, that a certificate is "misused" if it's used in a way counter to
"" 5. The CA is made aware that a Subscriber has violated one or more of
3) There is a definition, and CAs know what it means
On that third point, attempts to find such a definition did not produce a
clear result. One example that was provided was by citing Section 1.6.1 and
4.9.3. However, if we attempt to substitute that definition in, we find its
circular. That is,
"Misuse is suspected Private Key Compromise, Certificate misuse, or other
types of fraud, compromise, misuse, inappropriate conduct, or any other
matter related to Certificates", we find that misuse appears twice in the
definition (Certificate misuse and misuse).
In the pursuit of a definition, we tried to work backwards - what are
situations we think are misuse.
One suggestion was that it was "fraud, compromise, misuse, inappropriate
conduct, or other matter" - but that still suffers the same circular
definition. Further, the BRs do not define "fraud" or "inappropriate
conduct" - for example, if I serve an "example.com" certificate if the SNI
contains "example.net", is that inappropriate conduct or fraud? In any
event, the CA would disclose such definitions in their CP/CPS and
22.214.171.124 (5). However, in further consideration, beyond being a circular
definition, it's a definition that posits that "misuse" is a distinct and
independent state compared to "fraud", "compromise", and "inappropriate
conduct" - but what that state is is not defined.
Another suggestion was that it involved scenarios where the Subscriber
private key was in an HSM, and itself was not compromised, but had signed
things it was not expected to. This wasn't elaborated on further - so I'm
uncertain if this meant things other than the TLS handshake transcript -
but this is already met by our definition of Key Compromise in 1.6.1, that
""A Private Key is said to be compromised if its value has been disclosed
unauthorized person, an unauthorized person has had access to it, or
there exists a
practical technique by which an unauthorized person may discover its
In such a scenario, the definition of "misuse" would already be met by
126.96.36.199 (3) - namely, revocation for Subscriber Key Compromise.
As such, as it stands, we have a requirement that is, at best, undefined,
and at worst, unauditable and inconsistent. There was some concern that
removing 188.8.131.52 (4) would remove a thing of value.
For those who feel 184.108.40.206 (4) has a definition, I'd like to put forward
the following request: Provide a suggestion for 1.6.1 or 220.127.116.11 (4) that
we can exactly substitute "misused" for, if it captures something that is
not already captured by the Baseline Requirements.
For example: "A certificate is misused if it is used to do X". We can then
compare that with the purpose of a certificate - which the BRs define as
certificates "to be used for authenticating servers accessible through the
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public