tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [PATCH] HTTPS/TLS CA certificates in base



On 2023-08-20 08:12, Taylor R Campbell wrote:
[---]
     Rhetorical Devil's advocate question:  What's the potential blast
radius for the worst case scenario where a CA's private key is
compromised before its certificate expires and a bunch of NetBSD users
don't update their bundle for two years?

This is no different from any other security issue on a machine on the
internet.

The reason I "like" (probably not the right word..) the "user needs to explicitly do something to get the CA bundle there in the first place" is because it's sort-of like a clicking "I agree" to something. Maybe you didn't actually read the agreement, but at least you've been made aware that there is one.

Implicitly installing a CA bundle in a system to make things work is nice, but it hides the fact that there is something there one ought to care about [and make sure is kept up to date].

It is different in the sense that in the very unlikely event of a CA related meltdown, previously $OTHER_PROJECT/$MACHINE_OWNER would be in the headlines, not the NetBSD project.

But this is so hypothetical that it's not a reason to object. I just wanted it brought up so no one can say that the discussions hadn't been had.

   I say go for it.

--
Kind Regards,
Jan



Home | Main Index | Thread Index | Old Index