New article on root certificate problems with Windows

Frank Siebenlist franks at mcs.anl.gov
Fri Jul 20 12:59:38 EDT 2007


(I don't have access to windoze... cannot verify if my suggestion would
work...)

Can't you replace the installed root certs with empty files or bogus
content such that they will fail path validation and still trick MS not
to re-install them?

-Frank.




Jeffrey Altman wrote:
> pgut001 at cs.auckland.ac.nz wrote:
>> The executive summary, so I've got something to reply to:
>>
>>   In the default configuration for Windows XP with Service Pack 2 (SP2), if a
>>   user removes one of the trusted root certificates, and the certifier who
>>   issued that root certificate is trusted by Microsoft, Windows will silently
>>   add the root certificate back into the user's store and use the original
>>   trust settings.
>>
>> While I don't agree with this behaviour, I can see why Microsoft would do
>> this, and I can't see them changing it at any time in the future.  It's the
>> same reason why they ignore key usage restrictions and allow (for example) an
>> encryption-only key to be used for signatures, and a thousand other breaches
>> of PKI etiquette: There'd be too many user complaints if they didn't.
> 
> The real flaw that I see in their design is that they permit
> certificates that they installed to be removed.  Instead they should
> have provided a "disabled" feature so that those who wish to disable
> installed certs can do so and thereby ensure that in the future they
> won't be restored.
> 
> Jeffrey Altman
> 

-- 
Frank Siebenlist               franks at mcs.anl.gov
The Globus Alliance - Argonne National Laboratory

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


