Fwd: Policy Update Proposal -- Remove Email Trust Bit

R Kent James kent at caspia.com
Tue Oct 13 18:30:33 UTC 2015


Hi tb-planning,

Perhaps some of you are aware of ongoing discussions on m.d.s.policy 
concerning whether Mozilla should maintain key pieces of certificate 
infrastructure that are needed for S/MIME support. The discussion seems 
to be resolved that the code bit needed for S/MIME support will be kept, 
but there are additional issues that need addressing for that to be 
meaningful. Mozilla's root store is used beyond Mozilla to support 
S/MIME, but as the primary product under the Mozilla umbrella that 
supports S/MIME, we have a special responsibility to step forward and 
show some leadership on this issue.

What things can and should we be doing to assist in the effort to 
maintain a reasonable approach to the root certificate store for S/MIME?

This would be a great time for anyone who feels deeply about this issue 
to step forward, either as a volunteer to help with this effort, or as a 
funder who might be able to provide the resources to hire people to 
support this.

:rkent

-------- Forwarded Message --------
Subject: Policy Update Proposal -- Remove Email Trust Bit
Date: Tue, 13 Oct 2015 08:04:39 -0700
From: Kathleen Wilson <kwilson at mozilla.com>
To: mozilla-dev-security-policy at lists.mozilla.org
Newsgroups: mozilla.dev.security.policy

All,

Many people have contacted me because they heard that Mozilla is
considering removing the Email trust bit, and they ask that we keep the
Email trust bit because they use the root certs in Mozilla's root store
(NSS) with the Email trust bit enabled in current and future
projects/products/applications. Gerv has provided some data from CAs in
support of this. [1]

Based on this discussion[2] and all of the input that I have received, I
believe that we should keep the Email trust bit.

However, this discussion has surfaced the valid concerns that we need
resource commitment to improve the policy and practices supporting the
Email trust bit.

Here's what I think the person/people would do for S/MIME roots/certs:
1) Maintain and improve the code in NSS supporting S/MIME.
2) Become an expert in this area, learning about and providing
information about how different countries, organizations, enterprises,
and companies are depending on certs chaining up to publicly-trusted
root certs that have the Email trust bit enabled.
3) Improve policies and requirements for CAs in the NSS root store with
the Email trust bit enabled. This includes determining which audit
criteria are required, and which auditors may be used.
4) Review each of the root inclusion/change requests for roots with the
Email trust bit to be enabled, and provide feedback in
mozilla.dev.security.policy.
5) Contribute to the decisions about whether or not to approve each
request to enable the Email trust bit.

I believe that such a resource commitment would satisfy all of the
arguments against the Email trust bit that Ryan so eloquently
summarized. [3]

Is this a fair assessment?

Is there anything else that should be added to the "job description" above?

Thanks,
Kathleen

[1]https://groups.google.com/d/msg/mozilla.dev.security.policy/atSYV_QPPFA/3NRrmmwBAgAJ
https://groups.google.com/d/msg/mozilla.dev.security.policy/atSYV_QPPFA/9QRe7JlSAwAJ

[2]
https://groups.google.com/d/msg/mozilla.dev.security.policy/atSYV_QPPFA/M6OpyA5FBAAJ

[3]
https://groups.google.com/d/msg/mozilla.dev.security.policy/atSYV_QPPFA/ycC96j6PBAAJ







More information about the tb-planning mailing list