[Cryptography] Certificates and PKI

Ray Dillinger bear at sonic.net
Mon Dec 22 12:11:12 EST 2014

On 12/22/2014 05:32 AM, Ben Laurie wrote:

> Pinning does indeed not care who signed the certificate. However, it
> introduces an apparently insurmountable problem: what happens when you
> lose your key? And, to be clear, by "lose", I mean, "no longer have
> access to". It seems that your website is then unavailable for
> whatever the pin expiry time is. We don't think that's acceptable, nor
> fixable without introducing some entity with essentially the same role
> as a CA.

Honestly, I think pinning is necessary to the customers because
they *NEED TO KNOW* when the keys (ie, the website) change hands.

If I've been doing business with, say, Amazon, and one day I go
to amazon.com and I see "this site is using a different certificate
than last time you came here" I think that's valuable information,
and I will be absolutely sure that the site knows things that only
Amazon should know - such as my order history - before I'll think
of trusting it for small orders.  And it means I'm not going to
be doing any large orders (say, more than $10) with Amazon that
day.  Before spending major money, I'll be watching the news for
a couple of days.  When Amazon calls a press conference and
announces they lost their key and are now using a new one, then
I will start trusting that the new cert is legit, and pin it. Or,
if I have no large purchases to make, I'll pin it after a few
small ones go through and get delivered, provided no major news
stories break about a someone putting up a fraudulent fake Amazon
site in the meantime.

If Amazon thinks that's unacceptable, or aren't willing to announce
it publicly when they lose their key, then they'd damn well better
keep track of their key.

> Dealing with leaked (i.e. usable by someone other than you) keys is
> also problematic - how do you ever regain control of your domain if
> you've ever had it taken over by a bad guy?

You put up your site with a new certificate, publicize the fact
that your old key is now void, EAT the expense of a few days of
lost business while your customers check it out, and continue.
Replacing a key you failed to keep confidential, including the
lost business you incur because you failed to keep it confidential,
is part of the cost of doing business.

This kind of announcement to the attention of actual consumers
rather than all behind the scenes and invisible, is how the CA
business should have worked from the start. The decision to
trust a new party should never be invisible to the people who
are trusting the new party with their money.

Again, if that is unacceptable, then people need to start taking
security seriously, and implementing serious computer security
infrastructure so they don't get their keys stolen.

Only once big business has real money on the line, will we
see the whole new infrastructure of security in software and
operating systems that is needed to add value to every business
and protect every individual!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141222/fa073b87/attachment.sig>

More information about the cryptography mailing list