Mozilla CA Certificate FAQ - Policy Rationales

This is a draft document for public discussion. It reflects the personal opinions of the author, and does not necessarily represent the views of mozilla.org staff and the Mozilla Foundation.

Please post comments and questions to the netscape.public.mozilla.crypto newsgroup or the corresponding mozilla-crypto mailing list, or send them to the document author, Frank Hecker.

Policy Rationales

This section attempts to explain the rationales behind the specific CA certificate policy adopted by the Mozilla Foundation, and also attempts to address various questions about why Mozilla treats CA certificates in the way it does; it is primarily intended for people who have some level of knowledge about CAs, Public Key Infrastructures, and computer security issues in general.

"Everyone knows" that CA-based PKIs don't work in practice. Why doesn't Mozilla just automatically accept any valid self-signed certificate?

Because we believe that CAs can provide at least some benefit in the context of Mozilla, even if that benefit is not as great as some PKI advocates might claim.

It is an unfortunate but unavoidable fact that CA-based PKIs have been among the most-hyped but least-implemented information technologies ever created; although CA-issued certificates are very widely used to enable secure web browsing, PKI technologies have not fulfilled the greater promises of bringing about universal secure email, ubiquitous "single sign-on" to applications, and other desirable goals. In part this is because CA-based PKIs are cumbersome to implement, in part because it is difficult for users to understand how certificates work and in many cases difficult and/or expensive for them to obtain a certificate, and in part because the promised benefits of PKIs are not necessarily that needed or desirable in practice. (For example, users of Mozilla and other browsers could in theory use CA-issued personal certificates to authenticate more securely to ecommerce sites and other Internet servers; however in practice almost all such sites still use traditional userids and passwords and have not found any truly compelling reasons to switch.)

For these and other reasons many people have questioned whether it is useful to have CA-based PKIs at all, and, if using CAs is unavoidable (which is pretty much true in the case of secure web browsing), whether it is useful to pay any attention to the scheme by which certain CAs are marked as "trusted" for various purposes. In particular, some people would argue as follows: Why shouldn't Mozilla simply accept without error any valid self-signed certificate? For example, this would let people operating web sites easily generate their own self-signed web server certificates and not have to go to a third party CA and pay to have an "official" CA-issued certificate. Even if web servers did happen to have CA-issued certificates, under this proposal Mozilla would not have keep copies of root CA certificates or have them marked as trusted or not: When verifying a certificate chain as described above, when Mozilla came to verify a root CA certificate (which is self-signed by its nature) Mozilla would automatically accept it as valid, just like any other self-signed certificate.

However we believe that there is still value for Mozilla users in having Mozilla use CA certificates.