On Mon, 12 Sep 2011 04:39:52 -0000, Marcus Reid said:
You don't have to have the big fat Mozilla root cert bundle on your machines. Some OSes "ship" with an empty /etc/ssl, nobody tells you who you trust.
And for those OS's (who are they, anyhow) that ship empty bundles, how many CAs do you end up trusting anyhow?
How about a TXT record with the CN string of the CA cert subject in it? If it exists and there's a conflict, don't trust it. Seems simple enough to implement without too much collateral damage.
Needs to be a DNSSEC-validated TXT record, or you've opened yourself up to attacks via DNS poisoning (either insert a malicious TXT that matches your malicious certificate, or insert a malicious TXT that intentionally *doesn't* match the vicitm's certificate)....