
Are Some CAs Too Big To Fail?

samzenpus posted more than 3 years ago | from the they-don't-fall-down dept.

Privacy 163

Trailrunner7 writes "In the wake of this weekend's revelations of the seriousness of the attack on certificate authority DigiNotar, security experts have renewed criticism of the Internet's digital certificate infrastructure, with some wondering if larger certificate authorities (CAs) might be too big to fail. Would Mozilla and Microsoft and Google have revoked trust in root certificates from VeriSign or Thawte had they been compromised? Unlikely. 'It's not a simple matter of removing certificates from a database, because they're not in any databases,' says researcher Moxie Marlinspike, who presented an alternative approach to the current SSL infrastructure last month at DEFCON. 'We may never track them all down.'"


User ignorance (3, Insightful)

betterunixthanunix (980855) | more than 3 years ago | (#37332094)

Maybe we should do a better job of teaching people about computers and technology when they are in high school. CAs are able to get away with poor practices and poor security because most computer users have no clue what a CA is. If people would start disabling Thawte's certificates en masse, Thawte would be forced to protect its business by regaining the users' trust.

Re:User ignorance (0)

Anonymous Coward | more than 3 years ago | (#37332134)

Even if they know how to block certificates, how many non-technical people do you think keep up with news that mainly only makes it to slashdot (and not major news sites)... better yet, how many people under 22 do you know that keep up with news at all(other than the big stuff everyone talks about)

Good point (3, Interesting)

houstonbofh (602064) | more than 3 years ago | (#37332228)

Time for a new plug-in. Cert Blocker Plus. Automatically updates with a list of certs known to be compromised, questionable, run by governments, or members of the opposing party. :) (Actually, I can see this coming out soon, and if someone patents this, I call prior art!)

Re:Good point (1)

master5o1 (1068594) | more than 3 years ago | (#37333072)

How would I trust that this plugin does the blocking of everything correctly and how I want it?

Re:Good point (1)

thatbox (868467) | more than 3 years ago | (#37333180)

Presumably by contributing to such a project. That's how this stuff tends to work!

Re:Good point (1)

houstonbofh (602064) | more than 3 years ago | (#37333244)

That is actually a problem with the basis for this, Adblock Plus. http://adblockplus.org/en/ [adblockplus.org] Which is why, while I use it, I do not use the built-in lists. Go figure that the feature I am promoting in my shameless rip-off is the one I do not use in the originator. :)

Re:Good point (1)

cheater512 (783349) | more than 3 years ago | (#37334552)

Perhaps we could sign it for authenticity with a certificate provided by a trusted third party.....oh wait.

Re:User ignorance (3, Interesting)

jellomizer (103300) | more than 3 years ago | (#37332244)

The problem with CAs is that they never really do their job quite well. If you are paying hundreds or thousands of dollars for a cert, they really should do a lot more work to verify who you are, and the browser should identify the level of security the cert gives.
A cheap level (under $50 per IP) for those B2B type of apps where you are connecting to a trusted source anyway but you don't want the error message or to tell your customer to set up something new. A one-note should suffice. Then you've got a level good for online business (under $500); this is for online stores, and the CA needs to determine that it is a real store with the ability to sell the goods. However, the browser should alert whenever there is a data stream that looks like a social security number or pushes a request for such non-merchant information. Then you've got the premium HIPAA-level cert, where the CA needs to keep a close eye on its organization and make sure the company's security is strong enough for the cert; this would be a full allow for the browser.

Re:User ignorance (2)

Bert64 (520050) | more than 3 years ago | (#37332644)

Self signed certs would probably be a better idea for businesses you already have a relationship with, like banks... You already have offline contact with the bank via mail or even walking into a branch, so they could use this to send you their certs and you won't have to trust anyone else.

Re:User ignorance (1)

tlhIngan (30335) | more than 3 years ago | (#37333114)

Self signed certs would probably be a better idea for businesses you already have a relationship with, like banks... You already have offline contact with the bank via mail or even walking into a branch, so they could use this to send you their certs and you won't have to trust anyone else.

Why not have the bank be the CA for the businesses it does business with? That way, any business needing an SSL cert can go to their bank and get one. The bank's reputation is on the line and there's a definite trust entity in that way - the bank has to know you and will have access to your real contact details. It could be just like their merchant accounts.

Of course, this only works for businesses, not those doing HTTPS because it's in general a Good Idea(tm).

Re:User ignorance (0)

Anonymous Coward | more than 3 years ago | (#37334678)

The bank's reputation is on the line

Well we all know how important a bank's reputation is.

Re:User ignorance (1)

houstonbofh (602064) | more than 3 years ago | (#37333196)

Not SELF SIGNED CERTS! I have seen the warnings in FireFox! SELF SIGNED CERTS will eat my babies, rape my dog, and make my hair fall out! Anything but that!

Yes, this is sarcasm in that FireFox will go apeshit over a self signed cert, but pass all these fraudulent ones for months until people actually run the update.

Re:User ignorance (1)

heypete (60671) | more than 3 years ago | (#37333354)

CA-issued certs, even free ones from StartSSL and cheap ones from GoDaddy, have the advantage of being revocable. Nearly all the self-signed certs I've encountered lack a CRL or OCSP responder. This is a Bad Thing.

Re:User ignorance (1)

Lennie (16154) | more than 3 years ago | (#37334380)

A man-in-the-middle attacker can just drop the packets to the OCSP responder (do browsers by default even download any CRLs anyway? Usually they are just too large, like 700MB+); it will time out and the browser by default will just continue.
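The post above describes revocation "soft-fail": when the OCSP responder (or CRL) cannot be reached, the client treats the certificate as not revoked. The following is an added example, not code from this thread or any browser; it models the client's decision with constructed fetchers standing in for the network, and shows how hard-fail and a stapled OCSP response change the outcome when an on-path attacker drops the revocation traffic. The serial numbers and the Unreachable exception are constructed for the illustration.

```python
"""Toy revocation-policy model (added example, not from the thread).
Network access is simulated with constructed callables; no real OCSP or CRL
messages are parsed."""

GOOD, REVOKED, UNKNOWN = "good", "revoked", "unknown"


class Unreachable(Exception):
    """Raised by a fetcher when its packets are dropped or it times out."""


def revocation_status(cert_serial, stapled=None, ocsp_query=None, crl_fetch=None):
    """Use the best evidence available, in order: a stapled OCSP response that
    arrived inside the TLS handshake, then a live OCSP query, then the CRL.
    Returns GOOD, REVOKED or UNKNOWN (nothing could be fetched)."""
    if stapled is not None:
        return stapled
    for source in (ocsp_query, crl_fetch):
        if source is None:
            continue
        try:
            return source(cert_serial)
        except Unreachable:
            continue          # this source was blocked; try the next one
    return UNKNOWN


def accept_connection(status, hard_fail):
    """Soft-fail (the browser default the post describes) treats UNKNOWN like
    GOOD; hard-fail refuses to connect without a definite answer."""
    if status == REVOKED:
        return False
    if status == UNKNOWN:
        return not hard_fail
    return True


# Constructed world: the CA has revoked the certificate with serial 0x1001.
REVOKED_SERIALS = {0x1001}


def live_ocsp(serial):
    return REVOKED if serial in REVOKED_SERIALS else GOOD


def live_crl(serial):
    return REVOKED if serial in REVOKED_SERIALS else GOOD


def dropped(serial):
    """An attacker on the path discards every revocation request."""
    raise Unreachable("timeout")


def scenario(serial, network_blocked, hard_fail, stapled=None):
    """Returns (status, accepted) for one connection attempt."""
    ocsp = dropped if network_blocked else live_ocsp
    crl = dropped if network_blocked else live_crl
    status = revocation_status(serial, stapled=stapled, ocsp_query=ocsp, crl_fetch=crl)
    return status, accept_connection(status, hard_fail)


if __name__ == "__main__":
    print("revoked, network open, soft-fail :", scenario(0x1001, False, False))
    print("revoked, OCSP/CRL dropped, soft-fail:", scenario(0x1001, True, False))
    print("revoked, OCSP/CRL dropped, hard-fail:", scenario(0x1001, True, True))
    print("revoked, dropped, but stapled       :", scenario(0x1001, True, False, stapled=REVOKED))
```

The second scenario is the one the post warns about: a revoked certificate is accepted because the client never got an answer. Hard-fail closes that hole at the cost of availability; a stapled response travels with the handshake, so it cannot be dropped independently of the site itself, although a server that simply omits the staple still falls back to the live check unless the client insists on one.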

Re:User ignorance (1)

0123456 (636235) | more than 3 years ago | (#37333734)

You already have offline contact with the bank via mail or even walking into a branch, so they could use this to send you their certs and you won't have to trust anyone else.

I would totally, TOTALLY, trust a self-signed cert for my bank that turned up on a CD in my mailbox over one that was signed by a CA.

Re:User ignorance (1)

vetman (629670) | more than 3 years ago | (#37333852)

No problem, I will drop one in your mailbox or maybe just leave a USB flash drive on your driveway. You trust me, er, I mean the local home town bank labeled CD, right? (/sarcasm) We do need to BUILD the TRUST up with these CAs. I would not have trusted DigiNotar if I knew they were running vulnerable weak-password Windows boxes. I do agree that self-signed certs are just as secure, but when dealing with unknowns on the Internet we need the trust to start somewhere. I think there are already way too many certs in my browser and they are already valid until 2040! Yikes.

Re:User ignorance (1)

X0563511 (793323) | more than 3 years ago | (#37333218)

However, the browser should alert whenever there is a data stream that looks like a social security number or pushes a request for such non-merchant information.

I'd love to see you try to implement that...

Re:User ignorance (1)

pjt33 (739471) | more than 3 years ago | (#37333378)

Are you saying that you want browsers to only work to spec in the USA? Or are you expecting browser developers to have regexes for social security numbers in every country in the world, and to keep up-to-date with the legislation which is the closest local equivalent to HIPAA?

Re:User ignorance (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#37332576)

I'm highly doubtful of the efficacy of that. There are numerous business areas, even well-known names, who do just fine despite public opprobrium.

A highschool course in IT taking down Thawte or forcing them to clean up their act would be about as likely as a highschool course in personal finance bringing down Goldman-Sachs or leading to the end of byzantine financial chicanery...

Re:User ignorance (1)

Squeebee (719115) | more than 3 years ago | (#37332684)

Oh yes, and while we're at it we'll teach them all how to fix a car so they can call out their mechanic if they recommend un-needed repairs, and teach them all construction so they can better review the work of the guy who builds their next home, and we'll put them all through medical school so they can better hold their doctors to best practices.

Honestly, there's a point where you have to get off your high horse and realize that we have specializations for a reason, and it behooves those in the know on a given subject to realize that it's not practical for every user of their output to be an expert in their field, so the onus is on the experts to make it easy for the non-experts.

Re:User ignorance (0)

Anonymous Coward | more than 3 years ago | (#37333232)

As Heinlein so aptly put it, specialization is for insects.*

You don't have to be an expert to avoid being taken by a shady mechanic, or tell if construction work is shoddy, or if your doctor is being sloppy, just reasonably informed and willing to learn. Of course that last excludes the significant fraction of the population who would rather be entertained than informed. The drones.

*("A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects." - RAH, Time Enough for Love

Never had to butcher a hog or set a bone, but I know the theory. As to dying gallantly, well, we'll see.)

Re:User ignorance (1)

pjt33 (739471) | more than 3 years ago | (#37333480)

Specialisation is for people who want to live securely in large communities. It's one thing to design a small hut for a temperate climate, and another to design a block of flats which can withstand a natural disaster. It's one thing to program a computer, and another thing to write robust software which handles exceptional cases well and doesn't let a script kiddie drive a bus through it. So by all means, attempt to eliminate specialisation, but only if you're happy living in a small hunter-gatherer community.

Re:User ignorance (1)

rabtech (223758) | more than 3 years ago | (#37332734)

Any system that relies on users to know what is or isn't good is doomed to failure. Users don't check the address bar and don't know about certificates, nor should they.

All too often their machines are 0wned already by malware and spyware, probably because they saw some cute puzzle game and just kept clicking OK at that damn dialog box getting in the way of playing my game!!!

Re:User ignorance (2)

geekmux (1040042) | more than 3 years ago | (#37332888)

Maybe we should do a better job of teaching people about computers and technology...

Sorry, had to stop you right there, because the only thing that is ignorant here is thinking that users will actually learn to use the very device they rely on for damn near everything.

Just saying, if users haven't learned by now, they won't. Period.

And while we're on the topic of ignorance, can we please get the hell away from this "too big to fail" crap? Do images of the Titanic at the bottom of the sea paint enough of a picture? Does the word "Rome" ring a bell? I mean c'mon, seriously, let's at least try and pretend we're actually learning from history here.

Besides, the only way to truly answer that question in modern times is to actually let failure happen. Seems we don't have anyone around with the guts (or brains?) to allow that to happen.

Re:User ignorance (1)

Zironic (1112127) | more than 3 years ago | (#37333290)

The term 'too big to fail' doesn't refer to being unable to fail but rather, not being -allowed- to fail because the consequences of failure would be too catastrophic.

Re:User ignorance (1)

UnknownSoldier (67820) | more than 3 years ago | (#37333782)

> The term 'too big to fail' doesn't refer to being unable to fail but rather, not being -allowed- to fail because the consequences of failure would be too catastrophic.

Which is a bogus term. "too big to fail" = "the general population gets fucked with the bill"

True Story:

Forest Rangers used to be anal about stopping _every_ forest fire. They eventually learnt that this makes the situation _worse_ in the _long_ run because all the decay that _would_ have been cleared when a big fire hits is still there.

See: http://en.wikipedia.org/wiki/Controlled_burn [wikipedia.org]

_Every_ government has collapsed. It is not just a matter of IF, but WHEN. Propping up entities artificially doesn't change that fact.

Notary Servers (1, Interesting)

slackergod (37906) | more than 3 years ago | (#37332102)

Just to provide some links to the "alternative approach" mentioned in the summary:

* The Perspectives Project [perspectives-project.org] spearheaded the concept of independent notary servers instead of a chain-of-trust.

* Convergence [convergence.io] is another spin on the same concept, by Moxie Marlinspike in fact. (Not sure if it's compatible w/ Perspectives, but I think it is)

Re:Notary Servers (1)

CommieLib (468883) | more than 3 years ago | (#37332356)

I took a long look at Convergence, but it suffers from the old fax machine problem...until there are hundreds of notaries, we have the same "trust agility" problem that the system seeks to address.

Furthermore...I would hate to be the subject of a later video from Marlinspike about how all these users gullibly accepted his notarizations of these certs. The whole situation is a nasty, twisty problem...and the worst part is that hosts can't do a thing about it.

Re:Notary Servers (2)

AliasMarlowe (1042386) | more than 3 years ago | (#37332480)

The whole situation is a nasty, twisty problem...

...and it is dark. And I smell a Wumpus...

Re:Notary Servers (1)

CommieLib (468883) | more than 3 years ago | (#37333452)

That was definitely kicking around in there somewhere...

Too big to fail... (4, Insightful)

houstonbofh (602064) | more than 3 years ago | (#37332152)

Too big to fail means too big to give a shit. Failure is the motivator for performance. With no cost for bad performance, there is no incentive for good. Just ask the "big" banks, or better yet, ask the customers...

Re:Too big to fail... (2)

hierophanta (1345511) | more than 3 years ago | (#37332402)

Or our government, or better yet, ask the citizens.

F, and I thought I was a dem.

Re:Too big to fail... (2, Insightful)

Anonymous Coward | more than 3 years ago | (#37332582)

Both Democrats and Republicans (and even Tea Partiers, from what I've seen....) are for big government. The argument is what part of the government should be big.

We compromise by making both sides big.

Nobody is "too big to fail". (0)

Anonymous Coward | more than 3 years ago | (#37332686)

I say let failures fail. Lessons shall be learned because of it.

Not even Goliath was too big to fail. Was there seriously bad consequences because of his fall? Absolutely... especially for the Philistines.

Re:Too big to fail... (1)

elsurexiste (1758620) | more than 3 years ago | (#37333574)

I'd say "Too big to fail := Too big to exist". ;)

No... (0)

iCEBaLM (34905) | more than 3 years ago | (#37332162)

We shouldn't have CAs at all, they have proven themselves irrelevant, untrustworthy and insecure.

Re:No... (1)

MichaelKristopeit420 (2018880) | more than 3 years ago | (#37332262)

who is "We"?

you are NOTHING.

cower in my shadow some more behind your chosen frozen liniment based pseudonym, feeb.

you're completely pathetic.

Re:No... (1)

vlm (69642) | more than 3 years ago | (#37332358)

So... you're saying he's qualified to run a CA? LOL

Re:No... (1)

MichaelKristopeit422 (2018884) | more than 3 years ago | (#37332462)

i said what i said. i'm saying what i'm saying.

ur mum's face're saying he's qualified to run a CA? LOL, you're an idiot.

cower in my shadow some more behind your chosen pseudonym, feeb.

you're completely pathetic.

Re:No... (1)

houstonbofh (602064) | more than 3 years ago | (#37333286)

Before you respond to an obvious troll, look at the profile. I only found one post of his not modded -1, and it was 0. Ignore them, and they soon get modded to oblivion. Respond, and he will respond back and have faff material for days.

Re:No... (1)

MichaelKristopeit422 (2018884) | more than 3 years ago | (#37333312)

you're an ignorant hypocrite.

cower in my shadow some more behind your chosen fatherless southerner based pseudonym, feeb.

you're completely pathetic.

Re:No... (1)

Bucky24 (1943328) | more than 3 years ago | (#37333666)

southerner based pseudonym

Well at least the troll is semi-creative. I especially like the cowering in the shadow parts. If you're a troll, generally you don't come in the light much, and you don't HAVE a shadow for anyone to cower in. So.... What you request is impossible. Sorry.

your chosen fatherless southerner based pseudonym

The pseudonym is fatherless? Well, yes, in fact pseudonyms are spawned from the fertile imaginations of the users who cower behind them, and in fact have neither mothers or fathers.

Yes, yes, I know, cower in your shadow behind my pseudonym.

Re:No... (1)

MichaelKristopeit425 (2018896) | more than 3 years ago | (#37333796)

ur mum's face is semi-creative.

do you know what the B in BOFH stands for? do you know what the word "based" means? seemingly, in fact, your ignorance was spawned from a fertile ova in the dunce fields.

you're an idiot.

Re:No... (1)

vlm (69642) | more than 3 years ago | (#37332330)

We shouldn't have CAs at all, they have proven themselves irrelevant, untrustworthy and insecure.

... and highly profitable, which is why we'll never get rid of them, unfortunately.

Re:No... (1)

Tasha26 (1613349) | more than 3 years ago | (#37332500)

However I play this certificate game in my head, I find that we need CAs. The ones we've got are simply not fit for the job and the govt needs to revoke their license.

Re:No... (1)

vlm (69642) | more than 3 years ago | (#37332710)

The ones we got are simply not fit for the job and the govt needs to revoke their license.

What license? I suppose it depends on the country, but none is necessary here. If one was necessary, "they" contribute tens of thousands to re-election campaigns of multiple politicians, and "you" probably do not. Wonder how that's gonna turn out.

I run my own CA. It's not hard. I certainly needed no license. (Note: I guarantee my root cert is not in your browser.) The reason is that some apps like fetchmail, dovecot IMAP, dovecot POP3, and a couple of others are easier to run over SSL than through shared SSH keys. Also, it was remarkably easy.

Re:No... (1)

Tasha26 (1613349) | more than 3 years ago | (#37333060)

I thought CAs were a regulated business, just like financial, accounting or law firms, i.e. you have a duty of care, doing your job properly? If not, I foresee lawsuits...

Re:No... (1)

lgarner (694957) | more than 3 years ago | (#37333238)

I'm pretty sure they're not. Anyone can be a CA. The only thing necessary to be a "real" CA is to have your cert installed by default in the major browsers. They (Opera, Microsoft, Mozilla, Google) decide who's a "real" CA or not. In other words, it's just about trust. Your browser trusts Thawte, Verisign, and a ton of others by default. If you install my personal root CA in your browser, then for you I'll be just as "real" as the others.

Re:No... (1)

vlm (69642) | more than 3 years ago | (#37333336)

Like my disclaimer says

I suppose it depends on the country

but in the USA it's completely unregulated, at least WRT "being a CA".

As I said, I am my own CA ... If I issued some certs to you, either barter or for cash, then I'd have all the usual financial / tax / zoning / liability laws that any business follows or pays money to get out of following, but absolutely no laws are specifically CA related.

It's easy to govt license physical things like nuclear material or firearm receivers, but I think you'd find govt licensing of openssl software to be a bit problematic.

If you don't believe me, try to disprove me by setting up the software, and being unable to issue certs without some sort of govt license...

It's like talking to people who thought you needed a license to install a webserver... Stockholm syndrome that us little people could not possibly be permitted to have that power, so it must be illegal or something, etc.

Re:No... (1)

sjames (1099) | more than 3 years ago | (#37334104)

All it takes is to convince someone to put your cert in the list of roots. That someone can be a distro maintainer, browser maintainer, or individuals. The more, the better. In the practical sense, if you can convince MS, Google, and Mozilla to include your cert, you are now a CA.

Re:No... (1)

moortak (1273582) | more than 3 years ago | (#37333096)

Do you have a better, scalable solution that doesn't suffer the same or greater weaknesses? The problems of CAs remind me of the issues with spam. Everyone agrees the system we have is broken and no one has a better solution.

Re:No... (1)

houstonbofh (602064) | more than 3 years ago | (#37333386)

Actually, yes. http://convergence.io/ [convergence.io] However, it also is not perfect, just better. Just catching that troll behind you there...

Segmentation (1)

mehrotra.akash (1539473) | more than 3 years ago | (#37332238)

I'm not too sure how CAs work, but suppose that up to this point we know, say, "Thawte" is uncompromised.
Then secure Thawte and issue new certificates using a different name, say "Thawte2".

Change this name every year or so, securing the previous certificates.

This way, in case of a compromise, only a max. of 1 year of certs are invalidated

Marlinspike's approach (5, Interesting)

AceJohnny (253840) | more than 3 years ago | (#37332310)

Marlinspike's approach, implemented in a Firefox extension [convergence.io] presented at DefCon '11, is to do away with the notion of CAs altogether in SSL, replacing it with a distributed network that reports on the certificate they see. Basically, if the certificate you see agrees with the rest of the network, then you're not being spoofed.

He had previously explained [thoughtcrime.org] the properties a replacement to the CA system had to demonstrate in order to be viable.

Re:Marlinspike's approach (0)

Anonymous Coward | more than 3 years ago | (#37333018)

Pretty good ideas in that, but it is not all implemented in a Firefox extension as there is also a new server component, the Notary (written in Python by the looks of it).

Without servers, this goes nowhere, if it goes nowhere, there is no adoption and no need for the servers! This need for Notary servers is a big blockage to adoption, especially for use on intranets where the servers to be Notarised may not be accessible from public Notaries.. so all organizations will need to deploy Notaries too.

Don't get me wrong, I wish it would happen, I just don't think it will.

Re:Marlinspike's approach (1)

Piranhaa (672441) | more than 3 years ago | (#37333164)

You don't think Google or Microsoft can make notaries? .. They have bots that scour and cache the internet already. Grabbing the ssl certificate of a site and caching it isn't that much more to deal with. Plus, I have the option of hosting a notary at home if I want.

The idea is to get a proof of concept out there, and a decent implementation of it I might add (I'm running it at work, home, and school). We just need to get the major browser vendors onboard (MS, Google, Apple), and then get it rolling.

The beauty of it is that the current https infrastructure doesn't need to change. If a certificate is signed, and it checks out at both the client and notary level, it's valid. Same goes for self-signed certificates.

According to these guys, there is already a convergence notary fork in the works using Google's help.
http://security.stackexchange.com/questions/6778/how-does-convergence-ca-replacement-prevent-its-notaries-from-being-mitmd-as-w [stackexchange.com]

Re:Marlinspike's approach (0)

Anonymous Coward | more than 3 years ago | (#37333148)

The talk was pretty good, though honestly I think Moxie and Diffie's panel did a great job speaking to it. And hell Diffie drank on stage +1 just for that.

Re:Marlinspike's approach (1)

vadim_t (324782) | more than 3 years ago | (#37333464)

How do you authenticate the authentication server?

If I got it right, this system needs to contact some server that says "I certify this cert as valid, because the fingerprint was the same from the 50 different network paths we checked it from". Ok.

But, that message has to be transferred securely as well, otherwise Mallory just spoofs that server, and you've got no security. And you can't do the checks yourself because you don't have 50 servers around the world you can use for testing.

Re:Marlinspike's approach (1)

OverlordQ (264228) | more than 3 years ago | (#37333800)

How do you authenticate the authentication server?

You don't. You are the authentication server, and you ask 50 servers.

Re:Marlinspike's approach (1)

vadim_t (324782) | more than 3 years ago | (#37333928)

That's not very useful if your ISP is doing the MITM, which is very much a reality in many places right now.

For instance, there have been several articles here on ISPs injecting content into the websites they serve.

Re:Marlinspike's approach (0)

Anonymous Coward | more than 3 years ago | (#37334420)

My understanding is: basically, you use the old CA method to verify the site you are downloading from. Then the application has a public key for each server (or authoritative servers that give you info on the others) hard-coded in. Once you get the application, it uses the distributed method to verify going forward. All connections to all the verifying servers are encrypted. It all seems to go back to that initial connection being legit.
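The exchange the posts above sketch (the client sees a certificate fingerprint, asks several notaries what they see from their own vantage points, and only trusts notary answers it can check against keys shipped with the application) is modelled below as an added example. It is not Convergence's or Perspectives' code; the notary names, keys, host name and fingerprints are constructed, and a per-notary HMAC key stands in for the notary's signing key so that the block runs offline. It also covers vadim_t's ISP-in-the-middle case: an attacker who rewrites or drops the notary replies cannot produce a tag that verifies, so the client ends up with too few agreeing answers and refuses.

```python
"""Toy Convergence-style notary check (added example, not the project's code).
Constructed data only; nothing goes on the wire."""

import hashlib
import hmac
from collections import Counter

# Constructed fingerprints: the site's genuine leaf cert and an attacker's cert.
GENUINE_FP = hashlib.sha256(b"genuine leaf cert for bank.example").hexdigest()
FORGED_FP = hashlib.sha256(b"attacker cert for bank.example").hexdigest()

# Constructed notary keys, "hard-coded into the application" as the post puts it.
# A shared HMAC key stands in for each notary's public signing key.
NOTARY_KEYS = {
    "notary-a": b"constructed-key-a",
    "notary-b": b"constructed-key-b",
    "notary-c": b"constructed-key-c",
    "notary-d": b"constructed-key-d",
}


def notary_sign(name, key, host, fp):
    """A notary's reply: (name, host, fingerprint, tag). The tag authenticates
    the reply under that notary's key."""
    msg = f"{name}|{host}|{fp}".encode()
    return (name, host, fp, hmac.new(key, msg, hashlib.sha256).hexdigest())


def verify_answer(answer):
    """Client side: accept a reply only if its tag verifies under the pinned
    key for that notary name. A spoofed or rewritten reply has no valid tag."""
    name, host, fp, tag = answer
    key = NOTARY_KEYS.get(name)
    if key is None:
        return False
    msg = f"{name}|{host}|{fp}".encode()
    expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)


def decide(observed_fp, answers, quorum):
    """Accept observed_fp only if at least `quorum` authentic notaries report
    the same fingerprint. Returns (accept, reason)."""
    good = [a for a in answers if verify_answer(a)]
    votes = Counter(fp for (_, _, fp, _) in good)
    agreeing = votes.get(observed_fp, 0)
    if agreeing >= quorum:
        return True, f"{agreeing} notaries agree"
    return False, f"only {agreeing} authentic notaries agree (need {quorum})"


def scenario(observed_fp, mitm_spoofs_notaries):
    """The client sees observed_fp. Honest notaries see GENUINE_FP from their
    own vantage points. If the attacker also sits between the client and the
    notaries, it rewrites every reply to the forged fingerprint but, lacking
    the notary keys, cannot forge the tags."""
    host = "bank.example"
    answers = [notary_sign(n, k, host, GENUINE_FP) for n, k in NOTARY_KEYS.items()]
    if mitm_spoofs_notaries:
        answers = [(n, host, FORGED_FP, "0" * 64) for (n, _, _, _) in answers]
    return decide(observed_fp, answers, quorum=3)


if __name__ == "__main__":
    print("client sees genuine cert        :", scenario(GENUINE_FP, False))
    print("client sees forged cert         :", scenario(FORGED_FP, False))
    print("forged cert + spoofed notaries  :", scenario(FORGED_FP, True))
```

The quorum is what makes the scheme fail closed: dropping the notary traffic entirely gives the client zero agreeing answers, which is a refusal, not an acceptance. What the model does not solve is the bootstrap the AC raises, namely how the notary keys got into the application in the first place.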

Re:Marlinspike's approach (1)

vadim_t (324782) | more than 3 years ago | (#37334792)

But that's not very useful, because compromising one CA gets you back to the same situation again.

It's just lucky that the compromise is public this time, they don't have to be. The attacker could make the cert then spring the trap at a convenient time. By the time somebody figures it out, the damage will be done already.

Already happened (1)

robmv (855035) | more than 3 years ago | (#37332314)

with Comodo, they only hardcoded some certificate signatures but did not revoke the entire CA. There is another problem: "your website is too small to care". I am not sure if a small business operator will receive the same treatment like they did with Comodo, patch their browsers to protect users of your small site

Re:Already happened (0)

Anonymous Coward | more than 3 years ago | (#37332610)

The difference was in how Comodo handled it. They notified the browser vendors as soon as the problem was identified. DigiNotar on the other hand stayed quiet for a month. Comodo lost a few certificates but DigiNotar lost their trust.

CAs should have to post a bond (1)

Animats (122034) | more than 3 years ago | (#37332322)

CAs should be limited to sets of domains, and this enforced in browsers. Country-level CAs should be limited to the country in which they operate. Government CAs should be limited to their domain (".gov", "mil.uk", etc.).

CAs for the open domains should have to post a big bond, which can be obtained through a bonding agency if necessary, with a value of at least $10 million, to back up their "relying party agreement".

That's what "corporate responsibility" means - third party bonding.
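The first idea in the post above, CAs limited to sets of domains with the browser enforcing the limit, is close to what X.509 name constraints (RFC 5280, section 4.2.1.10) express for dNSName entries. The block below is an added example, not code from this thread or any browser: it implements the label-boundary suffix matching the standard specifies and applies it to three constructed CA policies (a country CA, a government CA, and an open commercial CA with excluded subtrees). The CA names, policies and host names are constructed.

```python
"""Added example: browser-side enforcement of per-CA domain limits using
RFC 5280-style dNSName name constraints. Policies and names are constructed."""


def dns_name_matches(name, constraint):
    """RFC 5280 dNSName matching: the constraint 'example.com' covers
    example.com and every subdomain of it. Matching is on whole labels,
    so 'notexample.com' is outside 'example.com'. A leading dot on the
    constraint is tolerated and treated the same way."""
    name = name.lower().rstrip(".")
    constraint = constraint.lower().strip(".")
    if constraint == "":
        return True  # an empty constraint permits everything
    return name == constraint or name.endswith("." + constraint)


def issuance_allowed(ca_policy, san_dns_names):
    """ca_policy: {'permitted': [...], 'excluded': [...]}.
    Every dNSName in the certificate must lie inside some permitted subtree
    (when any are listed) and outside every excluded subtree.
    Returns (ok, offending_name_or_None)."""
    permitted = ca_policy.get("permitted", [])
    excluded = ca_policy.get("excluded", [])
    for raw in san_dns_names:
        # A wildcard label is checked by the domain it would expand under.
        name = raw[2:] if raw.startswith("*.") else raw
        if any(dns_name_matches(name, ex) for ex in excluded):
            return False, raw
        if permitted and not any(dns_name_matches(name, p) for p in permitted):
            return False, raw
    return True, None


# Constructed policies in the spirit of the post.
POLICIES = {
    "Country CA (.nl)": {"permitted": ["nl"]},
    "UK Government CA": {"permitted": ["gov.uk", "mil.uk"]},
    "Open Commercial CA": {"permitted": [], "excluded": ["gov", "mil.uk"]},
}


def check(ca_name, san_dns_names):
    """Would a browser enforcing POLICIES accept this issuance?"""
    return issuance_allowed(POLICIES[ca_name], san_dns_names)


if __name__ == "__main__":
    cases = [
        ("Country CA (.nl)", ["www.bank.nl"]),
        ("Country CA (.nl)", ["www.google.com"]),
        ("Country CA (.nl)", ["login.nl.evil.example"]),
        ("UK Government CA", ["*.mod.mil.uk"]),
        ("Open Commercial CA", ["www.shop.example"]),
        ("Open Commercial CA", ["irs.gov"]),
    ]
    for ca, names in cases:
        print(f"{ca:20s} {names!s:32s} -> {check(ca, names)}")
```

The label-boundary rule is the part worth getting right: a naive suffix test would let a CA constrained to `nl` sign `bank.xnl`, and a naive substring test would let it sign `login.nl.evil.example`, which the whole-label check above rejects.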

Re:CAs should have to post a bond (2)

vlm (69642) | more than 3 years ago | (#37332540)

CAs should be limited to sets of domains, and this enforced in browsers. Country-level CAs should be limited to the country in which they operate. Government CAs should be limited to their domain (".gov", "mil.uk", etc.).

CAs for the open domains should have to post a big bond, which can be obtained through a bonding agency if necessary, with a value of at least $10 million, to back up their "relying party agreement".

That's what "corporate responsibility" means - third party bonding.

Well, there's one thing I guarantee we are not going to do. Let's look at the American experience:

1) I trust my employer to give me a job for life in return for my loyalty. Whoops
2) I trust my bank to only loan me a mortgage I can pay off. Whoops
3) I trust my health insurance company to be there for me when I'm sick. Whoops
4) I trust my car insurance company to help me with my claim. Whoops.
5) I trust my hardware store (and China) not to sell me poisonous drywall. Whoops.
6) I trust my food store not to baby food full of melamine. Whoops.
7) I trust my toy store not to sell kids toys covered in lead paint. Whoops
8) I trust my gas station to sell gas that is free of sand and water. Whoops
9) I trust my govt not to sell me out for campaign contributions. Whoops
10) I trust my higher educational institution to train and/or educate me for a good paying job, so I can pay off spectacular student loans. Whoops
11) I trust my CA to operate securely. Hmm... I wonder how that's gonna turn out? Whoops

The business model of America for the past generation or so is to find a trust, break it for profit, and move on to the next area.

If you're trusting a corporation, that's a pretty strong indication you're doin' it wrong. Come up with a different design.

Re:CAs should have to post a bond (1)

X0563511 (793323) | more than 3 years ago | (#37333306)

6) I trust my food store not to baby food full of melamine. Whoops.

They accidentally the whole jar?

Re:CAs should have to post a bond (1)

houstonbofh (602064) | more than 3 years ago | (#37333440)

I really hate how insightful that is.

Re:CAs should have to post a bond (1)

Bucky24 (1943328) | more than 3 years ago | (#37333696)

2) I trust my bank to only loan me a mortgage I can pay off. Whoops

Why on earth would you trust that?

There are more problems with SSL than this (1)

rickb928 (945187) | more than 3 years ago | (#37332364)

We regularly find Windows workstations that won't accept a valid certificate from any of several known good servers one of our applications use. Sometimes installing the root certificate solves it, but often it doesn't. Most of the time reinstalling Windows is the only solution.

Microsoft is of no use in these circumstances, as they avoid dealing with root certs at all. The CA also has no answer. Applying root updates, the specific certs, an all-encompassing cert, even removing and reapplying the CA in Windows doesn't always solve it. And yes, 90% of our users never have any trouble. Even clean Windows installs sometimes fail. It's not so simple as malware.

Several things are rotten in SSL. We need something better.

Re:There are more problems with SSL than this (0)

Anonymous Coward | more than 3 years ago | (#37332630)

You have said *nothing* about problems with SSL. You only mentioned your own issues in installing SSL certificates. How this is an issue with SSL I cannot fathom.

Re:There are more problems with SSL than this (1)

rickb928 (945187) | more than 3 years ago | (#37333000)

Our problem is that we have workstations that cannot negotiate connections despite having valid certificates. The certs install fine, just don't work.

Yes, I'm sure it's our fault. Understood.

Re:There are more problems with SSL than this (1)

X0563511 (793323) | more than 3 years ago | (#37333322)

Our problem is that we have workstations that cannot negotiate connections despite having valid certificates. The certs install fine, just don't work.

Yes, I'm sure it's our fault. Understood.

That's entirely Microsoft's shoddy implementation at fault. YOU think the certificate is valid. The OS disagrees. It's not the certificate's fault the OS won't listen to your instructions to trust it.

Re:There are more problems with SSL than this (1)

Kalriath (849904) | more than 3 years ago | (#37334536)

Um, no. The plural of anecdote is not data, and the singular sure as hell isn't either. One person having issues with their SSL with no evidence of anyone else having that same problem is almost 0% likely to be an issue with the implementation which is the same as that of millions of other people without that problem.

Re:There are more problems with SSL than this (1)

Abalamahalamatandra (639919) | more than 3 years ago | (#37332722)

This isn't related to an intermediate CA issue, is it?

For example, Entrust, as part of the switch to 2048-bit certs, started using an Entrust L1C chain authority - and we've had to load that L1C intermediate certificate onto servers to get them to recognize the certs that Entrust issued. Until you load them, the UI is not terribly helpful - the certificate chain tab doesn't show the missing L1C certificate.

Re:There are more problems with SSL than this (1)

rickb928 (945187) | more than 3 years ago | (#37333042)

One set of certs is from Equifax, the other from GTE Cybertrust. Both have troubles.

same story as always with computer security... (0)

Anonymous Coward | more than 3 years ago | (#37332492)

companies that should know better mess up big time ... and it won't change anytime soon, because:
1) Users/Customers don't know that there even is a problem (haven't heard about it or do not understand what this is all about anyways). I think that covers about 99.9% of the internet users
2) If they know, they do not care because it does not affect them directly.

Sure maybe one particular company (DigiNotar in this case) goes down the drain but the chance it hits you is still pretty low. Too low for most managers to hire IT people who actually know what they are doing.

And it will stay this way until wave after wave hits major parts of the population/economy causing massive damage. And I'm talking billions of dollars damage not 1 week of downtime for the PSN. (Okay that did real damage to Sony but who cares.... for most people it was just a minor inconvenience).
Until even the "average Joe" has to ask himself "What the *** is going on here? Where did my money go? Aren't these internet people supposed to prevent this from happening..."

Until then it's more or less pure luck (really stupid scams aside)

$90,000+ (1)

grimharvest (724023) | more than 3 years ago | (#37332578)

Average pay for a server admin, and yet major sites getting hacked left and right, the Net steadily becoming more unsafe all the time: http://www1.salary.com/Client-Server-Database-Administrator-salary.html [salary.com] Must be nice to get paid to fail.

Re:$90,000+ (1)

dkuntz (220364) | more than 3 years ago | (#37332778)

Or it could be, as is often the case in the corporate world, that the server admin's hands are tied by their managers, and their manager's managers, etc. A sysadmin may have the best, most secure idea ever thought of, but if someone up the chain decides "we've done in this way for 10 years, we'll continue to do it this way", then it's moot.

Re:$90,000+ (1)

dkuntz (220364) | more than 3 years ago | (#37332800)

and... s/done in/done it

Re:$90,000+ (0)

Anonymous Coward | more than 3 years ago | (#37332946)

Average pay for a server admin, and yet major sites getting hacked left and right, the Net steadily becoming more unsafe all the time:

http://www1.salary.com/Client-Server-Database-Administrator-salary.html [salary.com]

Must be nice to get paid to fail.

Are you clueless or just stupid?

Re:$90,000+ (0)

Anonymous Coward | more than 3 years ago | (#37333050)

Hahaha. That one server admin is probably in charge of several hundred absolutely-business-critical-must-not-fail machines that he inherited from the previous admin and that run 100 different esoteric software bundles that are finicky about tiny little configuration changes and that will likely break if updated and haven't ever been documented. Oh, and the admin doesn't get any machines for pre-production testing or a budget for training or attending conferences. Also, half the management chain demands admin access to the servers and constantly get infected with malware because they are so f**king stupid.

Re:$90,000+ (0)

Anonymous Coward | more than 3 years ago | (#37333444)

If you think that the "server admin" is the ultimate arbiter of keeping the system secure, then you know nothing about security. Security is everyone's job, not one person's. How the hell is a system administrator going to keep his system secure when the company employs foolish developers? How is the CIO supposed to keep the site secure when he's ordered to outsource the work to a fly-by-night in India? These kinds of problems are usually systemic, not individual.

Re:$90,000+ (1)

houstonbofh (602064) | more than 3 years ago | (#37333500)

It is not just paying the money. You also have to listen to the advice. Occasionally, that is rare in some management types. (No, you do not need root on the mail server.)

What a poisonous concept we've embraced. (1)

Beelzebud (1361137) | more than 3 years ago | (#37332604)

Too big to fail.... Just a sign of the times I guess. Don't expect anything to get better if this is the question we ask ourselves.

Confused... (1)

Junta (36770) | more than 3 years ago | (#37332714)

'It's not a simple matter of removing certificates from a database, because they're not in any databases,

I don't get this. Removing/replacing a CA cert from trust is easy for browser/OS vendors to do, technically (the CA should be on the hook to re-certify certs if they are forced to remove their cert from circulation).

With OCSP, at least *good* certificates *are* in a CA's database, and OCSP will fail for any signed certs that cannot update the OCSP server's hosted copy. Implementation-wise, OCSP validation is done poorly, but that's not a flaw of the theoretical design.

There are a whole lot of people calling to throw the baby out with the bathwater in x509, but a 'simple' tweak would be mandatory, *affirmative* (no saying 'ok' to server errors or 'try again') OCSP validation to indicate any hint of trustworthiness. If a CA screws up, kick 'em out.

In terms of more 'radical' changes, I've liked suggestions such as 'require multiple CAs to sign a CSR' and 'publish the CA(s) that are *expected* to be in use via DNSSEC' (requiring the attacker to compromise the *specific* CA in use or compromise DNSSEC as well as a CA). I'm wary of key distribution via DNSSEC (requires implementation too pervasive to be practical, theoretically lands you into more dubious territory than the current CA model), and I'm wary of Perspectives/Convergence (I'm dubious on how trust gets established in the first place, and I would not be surprised if these systems fell flat on their face under the onslaught of the 'unwashed masses'). Lots of attacking the current state of x509 in the name of advocating some drastic change without enough thought around fixing the weaknesses while preserving the proven strengths.

Downright scary (1)

roman_mir (125474) | more than 3 years ago | (#37332716)

When I hear that something is "Too Big To Fail", I think about 2008 but I also think about USSR. Was the entire country "Too Big To Fail"? How about USA, is it "Too Big To Fail"?

Who can prevent a country from failing?

A CA is not a country, but if one CA issues a large number of certificates, then does this CA become too big to fail and do we close our eyes on the problem, which is - the CA cannot be trusted?

Can a CA be trusted? Any CA at all? OK, let's turn this around and ask it differently, can a CA be shut down, as in, all certificates signed by that CA revoked and what is the moral hazard of NOT shutting down a CA if one is shown that it cannot be trusted?

Compare this question to the question of moral hazard in the financial industry: how much better is the health of the economy now that financial industry players were deemed "Too Big To Fail" and they were bailed out and stimulated?

Is it better now? Does anybody believe that the economy is better now that those corporations were not allowed to go bankrupt, as the market required, debts liquidated, assets sold off to pay off some debts in order of priority?

I know the argument that is going to be brought up: counterparties are put at risk. Yes, other banks are put at risk and they will also go bankrupt and shut down and will have to be liquidated, because they assumed risk that was hedged by the counterparties, which are going down.

Same with the CAs, if you shut down the ones that are failing, then what about all the sites out there, whose certificates will stop working? It's not just B2P sites, it's all sorts of certificates that are used in B2B commerce systems, etc.

AFAIC there is no such thing: "Too Big To Fail". You let them fail, you always let them fail. Certificates must be recreated, it will cost businesses something, but it will make them choose their CAs (or whatever other means of doing business), this will increase competition, new ideas will be thrown around, likely many will go with self-signed certificates (well many do, I know for a fact that many businesses do use self-signed certificates for inter-business stuff).

If you think preventing something that is "Too Big To Fail" from failing will SOLVE the problem, look at the economy today, look at who was bailed out and think again.

Re:Downright scary (1)

UnknownSoldier (67820) | more than 3 years ago | (#37333830)

> I think about 2008 but I also think about USSR. Was the entire country "Too Big To Fail"? How about USA, is it "Too Big To Fail"?
> Who can prevent a country from failing?

Agreed, but I think about the $700 billion bailout to the banks.

Repeating what I posted in a different thread...

"too big to fail" = "the general population gets fucked with the bill !"

True Story: Forest Rangers used to be anal about stopping _every_ forest fire. They eventually learnt that this makes the situation _worse_ in the _long_ run because all the decay that _would_ have been cleared when a big fire hits is still there. By letting "small" fires occasionally go through, it lessens the impact of the bigger ones.
See: http://en.wikipedia.org/wiki/Controlled_burn [wikipedia.org]

What is interesting is that the Talmud mentions all debts being released every 50 years. It looks like some Jewish wise men already saw the problems of usury over 3,000 years ago ...

People (and by proxy Government) learn the _most_ from failure.

_Every_ government has collapsed. It is not just a matter of IF, but WHEN. Propping up entities artificially doesn't change that fact, and takes away the learning opportunity of "WHAT NOT TO DO"

Re:Downright scary (2)

roman_mir (125474) | more than 3 years ago | (#37334000)

I am familiar with the forest fires coming back with a vengeance after a while, it's a true problem that people create.

The prohibition of usury is more about unreasonably high rates charged for loans, but the religions are wrong. There should be a way to charge any amount of interest, but of course the risk that comes with this is such that you should know that many of the loans you make won't be returned. Some will be returned within a small amount of time, so even though the interest is very high, the absolute interest paid in money is really not that bad considering that the person really needed the money and couldn't get it from a different lender (maybe it was a very very risky thing he wanted to do, the collateral was non-existent, but the pay out was huge, so it makes sense to gamble). It is gambling - giving loans to people.

The problem with banks in the current financial market is the moral hazard provided by government, which guarantees depositors will be reimbursed, so bank depositors don't care to find out anything about the bank, they don't look at the business practice of the bank. Imagine that - they are loaning money to the bank (that's what a deposit is), but they don't check on what the bank is doing with the money. They don't care if the bank has private insurance and what the reserves are - government is going to take care of it.

Well, CAs being 'Too Big To Fail' is exactly like that. Somebody is going to cover their problems, so why should we care about who we are using for part of our security procedure, an important, user-facing part? Never mind, just do what everybody does.

--

Here is a good idea: whenever you find yourself in a situation where the majority is agreeing with you, you need to reevaluate your own assertions and views, because it's likely you are on the wrong path as part of the herd.

Anything 'too big to fail' (1)

unity100 (970058) | more than 3 years ago | (#37332774)

should be nationalized. Because if they are as big as that, it means they become infrastructure of a strategic kind, which you cannot just let private interests control.

anyone arguing otherwise has to justify not privatizing the army first.

Re:Anything 'too big to fail' (1)

roman_mir (125474) | more than 3 years ago | (#37332886)

Right, this means all of the "Too Big To Fail" become shared ownership, and because their ways do not change, but their ability to hurt the economy/society grows, as they are now part of the government system, they are going to get ever bigger. When all the things converge the government then becomes "Too Big To Fail" and because of all the misallocations and malinvestments and resource misalignments based on the "Too Big To Fail" that are owned by the government, the government now is collapsing and there is nobody there who can bail out the government.

As to privatizing the army - the government already did that, what's Blackwater? So it failed in that respect.

The question is: how much can you put upon the government to do, before it becomes too big to fail, but then fails eventually anyway, taking down the economy with it?

Re:Anything 'too big to fail' (1)

vlm (69642) | more than 3 years ago | (#37333380)

should be nationalized.

OK for "national strategic resources". I don't necessarily agree, but I mean OK as in I understand your idea. So what do you do with "inter-national strategic resources" like the corrupt world banking system, or corrupt CAs? "inter-nationalize" them? What would that even mean? The UN owns them? The UN is just a gang of thugs, literally. The IETF? The NANOG emailing list and its cabal?

Re:Anything 'too big to fail' (2)

0123456 (636235) | more than 3 years ago | (#37333760)

should be nationalized.

Government-run CAs are the only ones you can absolutely guarantee will be used to issue fake certificates at some point.

Re:Anything 'too big to fail' (1)

nedlohs (1335013) | more than 3 years ago | (#37333764)

Surely anyone arguing otherwise would have to justify privatizing the army?

At least in your strange "the only reason for nationalized things is because they are too big to fail" world.

Re:Anything 'too big to fail' (0)

Anonymous Coward | more than 3 years ago | (#37333854)

Anything "too big to fail" should be broken up. Of course, the original meaning was "too big to be allowed to fail" -- if they're that big, better to start dismantling them before they fail anyway and bring everything else down with them.

It's basic business sense, similar to the advice to fire anyone who is "indispensable". (You do it now, under controlled circumstances where you can recover, rather than risk the company collapsing when the guy gets hit by a truck or quits.)

Alternative improvement idea (4, Interesting)

vadim_t (324782) | more than 3 years ago | (#37333708)

So I've seen quite a few people wanting a switch to self-signed certs (who IMO mostly don't understand what making that secure actually involves), and an idea to check certs from different network paths (which doesn't work if your only path is compromised, and how do you secure the communication to the service that does the check for you?).

So here's an alternative idea: Require multiple CAs.

Instead of doing it the "extended validation" way which is more money for not a whole lot more service from the same provider, it'd be much better to have multiple CA signatures on a single cert.

Compromising multiple CAs in the same timeframe to create a cert would be considerably harder than creating one. More importantly, it'd make revoking large CAs much easier.

Let's say that the new norm is to have a site's cert signed by 5 different CAs, and that the minimum acceptable amount is 3 signatures.

Then, if Verisign gets compromised there's no problem with pulling their cert: you're down to 4 valid signatures on your certificate, which is still fine. That should put considerably more pressure on CAs to perform better.

Even Verisign wouldn't be able to trust that their security problems would be let go due to their popularity, as even the largest CAs would be completely expendable without the end users needing to care much. The site would just go with a different 5th CA to return to full strength.
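
A worked model of the two policies proposed in this thread, added here as an example that is not code from any poster: vadim_t's "5 CAs sign, at least 3 must verify" threshold above, combined with Junta's earlier rule that only an affirmative "good" status answer counts (errors and "try again" are treated as no answer). The CA names, keys and the HMAC-SHA256 stand-in for real CA signatures are constructed assumptions, since the standard library has no asymmetric signatures; the threshold and hard-fail logic is the same either way.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed CA signing keys (hypothetical CA names). A real trust store
# would hold CA public keys and verify RSA/ECDSA signatures instead.
CA_KEYS = {name: f"key-{name}".encode()
           for name in ("CA-A", "CA-B", "CA-C", "CA-D", "CA-E")}


@dataclass
class MultiSignedCert:
    subject: str
    key_fingerprint: str      # what every CA vouches for
    signatures: dict          # ca name -> hex signature over tbs()

    def tbs(self) -> bytes:
        # "to be signed" bytes: the fields each CA signature covers
        return f"{self.subject}|{self.key_fingerprint}".encode()


def ca_sign(ca: str, cert: MultiSignedCert) -> str:
    """Stand-in for a CA signature: HMAC-SHA256 under that CA's key."""
    return hmac.new(CA_KEYS[ca], cert.tbs(), hashlib.sha256).hexdigest()


def issue(subject: str, fingerprint: str, cas) -> MultiSignedCert:
    cert = MultiSignedCert(subject, fingerprint, {})
    for ca in cas:
        cert.signatures[ca] = ca_sign(ca, cert)
    return cert


class TrustStore:
    """Relying-party policy: trusted CAs plus the latest status answer per CA."""

    def __init__(self, trusted, status):
        self.trusted = set(trusted)
        # ca -> "good" | "revoked" | "unknown" | "error" | "tryLater"
        self.status = dict(status)

    def distrust(self, ca: str) -> None:
        self.trusted.discard(ca)  # pulling a compromised CA's root


def valid_signatures(cert: MultiSignedCert, store: TrustStore) -> list:
    """CA names whose signature counts towards the threshold."""
    ok = []
    for ca, sig in cert.signatures.items():
        if ca not in store.trusted or ca not in CA_KEYS:
            continue                          # unknown or pulled CA
        if store.status.get(ca) != "good":
            continue                          # hard-fail: no affirmative answer
        if not hmac.compare_digest(ca_sign(ca, cert), sig):
            continue                          # bad or tampered signature
        ok.append(ca)
    return ok


def verify(cert: MultiSignedCert, store: TrustStore, threshold: int = 3) -> bool:
    """Accept only when at least `threshold` independent CA signatures hold."""
    return len(valid_signatures(cert, store)) >= threshold
```

Distrusting one CA leaves four valid signatures and the cert still verifies; two further CAs answering with an error or "tryLater" drop it to two and the hard-fail rule rejects it.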

Re:Alternative improvement idea (0)

Anonymous Coward | more than 3 years ago | (#37333996)

WTF...you pay for the 5 CAs to sign certs for me then and buy me lunch.

Re:Alternative improvement idea (1)

ftobin (48814) | more than 3 years ago | (#37334560)

That's a fairly novel idea that would provide pretty good privacy.

Dedicated certificate revocation servers? (1)

drig (5119) | more than 3 years ago | (#37333710)

Why doesn't each browser's company put up a certificate revocation server? Then, they can revoke individual certs, including those of the certificate authority, and control the length of the revocation, re-authorization, etc.

Already has happened (1)

ewanm89 (1052822) | more than 3 years ago | (#37334836)

I point out that Comodo has been compromised twice recently, and not revoked by any browser. As Moxie pointed out in his Black Hat talk.