Recommended Reading

Standards documents

• Internet Public Key Infrastructure (Web PKI): RFC 5280
• Certificate Path Building: RFC 4158
• Online Certificate Status Protocol (OCSP): RFC 6960
  • Lightweight OCSP Profile: RFC 5019
• Certificate Authority Authorization (CAA) DNS Record: RFC 8659
• Certificate Transparency (CT): RFC 6962
  • And Cloudflare's readable introduction to CT
• JSON Web Signatures (JWS): RFC 7515
• Automatic Certificate Management Environment (ACME): RFC 8555
  • ACME TLS ALPN Challenge: RFC 8737
  • ACME IP Validation: RFC 8738
  • ACME Renewal Information (ARI): working group proposal
• How to structure a CP and/or CPS: RFC 3647

Legal / Policy documents

• CA/Browser Forum Baseline Requirements: https://cabforum.org/baseline-requirements-documents/
• CA/Browser Forum Network Security Requirements: https://cabforum.org/network-security-requirements/
• Let's Encrypt Policy and Legal Repository (CP, CPS, Subscriber Agreement, Privacy Policy): https://letsencrypt.org/repository/
• IdenTrust Policy documents (LE's CP/CPS have to be compatible with IdenTrust CP): https://secure.identrust.com/certificates/policy/ts/
• WebTrust for CAs: https://www.cpacanada.ca/en/business-and-accounting-resources/audit-and-assurance/overview-of-webtrust-services/principles-and-criteria

Root programs

• Chrome Root Program: https://www.chromium.org/Home/chromium-security/root-ca-policy
• Mozilla Root Store Policy: http://www.mozilla.org/projects/security/certs/policy/
• Microsoft Trusted Root Program: https://docs.microsoft.com/en-us/security/trusted-root/program-requirements
• Apple Root Certificate Program: http://www.apple.com/certificateauthority/ca_program.html
• Android: https://issuetracker.google.com/issues?q=componentid:190923%20status:open

Additional relevant information not incorporated directly into root program requirements:

• The Common CA Database.
• Required or Recommended Practices
• Responding to an Incident

Mailing lists

Critical lists for keeping up with the Web PKI and ACME:

• CA/Browser Forum Public: https://lists.cabforum.org/mailman/listinfo/public
• CA/B Forum Server Certificate Working Group: https://lists.cabforum.org/mailman/listinfo/servercert-wg
• Mozilla Dev Security Policy (MDSP): https://groups.google.com/a/mozilla.org/g/dev-security-policy
  • Previous archive: https://groups.google.com/g/mozilla.dev.security.policy
• Public list for CCADB (Common CA DataBase): https://groups.google.com/a/ccadb.org/g/public
• IETF ACME Working Group: https://mailarchive.ietf.org/arch/browse/acme/
• IETF CT Working Group: https://www.ietf.org/mail-archive/web/trans/current/maillist.html
• Certificate Transparency Policy: https://groups.google.com/a/chromium.org/g/ct-policy
• The CA Compliance Bugzilla Component: click "Watch"

Informational lists for tools Let's Encrypt uses:

• The Let's Encrypt Community Forum: https://community.letsencrypt.org/
• Golang: https://groups.google.com/g/golang-announce
• Zlint: https://groups.google.com/g/zlint-announcements
• Bulletproof TLS Newsletter: https://www.feistyduck.com/bulletproof-tls-newsletter/
• The Boulder and Pebble GitHub repos (click "Watch")

Misc

A collection of articles that provide greater depth and nuance on a variety of topics:

• Let's Encrypt's public documentation
  • Especially the Glossary
• A Warm Welcome to ASN.1 and DER
• A Warm Welcome to DNS
• Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web, academic paper, 2019
• Experiences Deploying Multi-Vantage-Point Domain Validation at Let’s Encrypt, academic paper 2021
• Why and how to develop Blameless Postmortems Culture
• Fixing the AddTrust Root Expiration
• MD5 hash collision to create a rogue CA
• Report on the 2011 DigiNotar breach
• Removal of TurkTrust mis-issued MITM intermediates
• Post about how strict browser behavior benefits the whole ecosystem
• An explanation of DNS hijacking attacks
• Discussions about the difficulties of revocation checking:
  • Adam Langley's three posts on the topic
  • Mozilla's plans for Firefox
  • Cloudflare's and Ryan Sleevi's posts about OCSP Stapling
• How TLS clients build certification paths, and what mistakes have been made

Past Incidents

A collection of past CA Compliance incidents that are valuable learning material:

• All Let's Encrypt CA Compliance issues
  • We also post them to our community forum
• Issues leading to Symantec distrust
• Issues leading to WoSign distrust
• Issues leading to PROCERT distrust
• Issues leading to Certinomis distrust
• Bug 1640805: Delayed publication of revocation information
  • Clarifies that a certificate is not considered revoked until updated OCSP responses are globally visible
• Bug 1598390: Null character in root CA URLs
  • Requires multiple layers (technical, social) of root cause analysis; shows importance of automated ceremony tooling
• Unicode Normalization Incident
  • Rapid remediation and revocation; led to integration of pre-issuance linting at Let's Encrypt
• Bug 1619047: CAA Rechecking Bug
  • Root-caused by Go loop variable aliasing; led to many remediations at Let's Encrypt
  • Also accompanied by Bug 1619179: Incomplete revocation