Comment by ocdtrekkie

ocdtrekkie 2 days ago parent

I think when Sundar and Satya start hearing about how their customers are losing billions of dollars because of some random people at their company called "certificate trust program leads" or whatever, there is going to be a lot of questions how those decisions got made and how to get them un-made.

Most of the other forum members either won't oppose longer lifetimes (every cert vendor would be happy) or will bow to the only two companies that matter.

ameliaquining 2 days ago

Nothing even remotely similar to that happened on previous tightenings. Going from not a peep to enough outrage to overturn a decision this thoroughly debated all at once seems really unlikely. Also, what are the aggrieved enterprises going to do, threaten to move from GCP to AWS if Chrome doesn't do what they want? That's an empty threat and everyone knows it.

nickf 2 days ago

None of this will happen. Saying this as the named endorser for SC-081.

ocdtrekkie OP 2 days ago

I really would like to share with you that what you endorsed will cause deaths. Deaths never attributed directly, sure. But the damage to the stability of the Internet of this is immense, and the impact that will have on individual lives virtually unpredictable in millions of complicated ways.

And I really hope you are wrong that it will not get reversed. (I hope I am wrong about the above, but I doubt it.)

nickf 1 day ago

It will not be reversed, of that I'm certain. Attributing deaths, even indirectly, to the change in duration of TLS server certificates for the webPKI is incredibly extreme. If you have any real evidence or data to share, I have resources and my own time to investigate.

ocdtrekkie OP 1 day ago

Like, you do understand the Internet is the world's largest life-critical system, right? For dozens of reasons (including the CA/B), it really shouldn't be, but it is. When a medical device breaks due to a certificate error, that's going to be on you. Heck, when a doctor can't find the right information at the right time because of a certificate error, that is on you. Should SCADA systems controlling critical infrastructure use PKI? No. Does it? Yep, everywhere. There are virtually endless things where the Internet working is in the critical path of life-saving and life-changing processes, not because they should be, but because the stack of technology is deep and confused and people make bad decisions. And the cool thing about automation is nobody looks at it until it unpredictably breaks.

When the Internet breaks, people die. It's all fun and games to talk about hypothetical security problems that you aren't actually solving as an excuse to make the Internet incredibly transient and fragile, but it has a real human cost.

Right now, over 80% of organizations have outages do to a certificate issue every year. That's really bad, and already due to the CA/B's poor decisionmaking. But at the existing certificate lifetimes, at least it's predictable. Now the CA/B wants to multiply the possible problem occurrences by a factor of ten. And an organization can't even just be concerned with their own certificates, because any layer of their stack's software or infrastructure having a certificate error can have downstream effects.

The reason I believe this change will be undone, is because ultimately it will have to. It will be so obviously wrong if it goes into effect that people opposed to undoing it will get removed from the decisionmaking until it is undone.

ameliaquining 1 day ago

Do you have an order-of-magnitude estimate of how many deaths?

This item has no comments currently.