[Cryptography] hard to trust all those root CAs

Tony Arcieri bascule at gmail.com
Sat Jul 19 17:37:28 EDT 2014 

If only X.509 name constraints actually worked.

Perhaps if the implementations could get fixed / finished, it would be
possible to get the browser vendors to agree to put them in place for
select new TLDs.


On Sat, Jul 19, 2014 at 2:03 PM, John Denker <jsd at av8n.com> wrote:

> AFAICT, a lot of existing protocols were designed to resist
> passive eavesdropping.  In contrast, the idea of large-scale
> MITM attacks was sometimes considered tin-foil-hat paranoia.
> To this day, standard Ubuntu Firefox trusts 162 different
> authorities (including the Hong Kong Post Office) to certify
> /anything and everything/.
>
> In the /usr/share/ca-certificates/mozilla directory, only one
> of 163 root certificates has any v3 Name Constraints at all.
> Why Ubuntu and Firefox tolerate this is beyond me; I can
> understand trusting Microsoft to sign Microsoft-related stuff,
> but allowing them to sign /anything and everything/ ?!????!!
>
>      Actually it's even worse than that, because people like
>      Microsoft have been issuing subsidiary certificates with
>      unlimited power, so you don't even need to capture a root
>      CA;  all you need is one of the subsidiary certs.
>
> Forsooth, one would think that if these Authorities had any
> sense at all, they would voluntarily put constraints on their
> own certificates, just to make themselves less of a target.
> Issuing an all-powerful cert is like walking through a bad
> neighborhood pushing a wheelbarrow full of cash.  If you
> carried less cash, you'd be less of a target.
>
> Forged certs are a documented problem in the wild.  No tin-foil
> hat required:
>      https://www.linshunghuang.com/papers/mitm.pdf
>
> SSL "packet inspection" is an article of commerce.  The fact that
> this is even remotely possible tells me that SSL fails to provide
> the thing I most want it to provide.
>   https://www.google.com/search?q=%22ssl+packet+inspection%22
>
> That crunching noise you hear is the sound of dead canaries
> underfoot.  We really need to take action to reduce exposure
> on this issue.
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>



-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140719/8bd19085/attachment.html>

More information about the cryptography mailing list