[Cryptography] hard to trust all those root CAs
Tony Arcieri
bascule at gmail.com
Sat Jul 19 17:37:28 EDT 2014
If only X.509 name constraints actually worked.
Perhaps if the implementations could get fixed / finished, it would be
possible to get the browser vendors to agree to put them in place for
select new TLDs.
On Sat, Jul 19, 2014 at 2:03 PM, John Denker <jsd at av8n.com> wrote:
> AFAICT, a lot of existing protocols were designed to resist
> passive eavesdropping. In contrast, the idea of large-scale
> MITM attacks was sometimes considered tin-foil-hat paranoia.
> To this day, standard Ubuntu Firefox trusts 162 different
> authorities (including the Hong Kong Post Office) to certify
> /anything and everything/.
>
> In the /usr/share/ca-certificates/mozilla directory, only one
> of 163 root certificates has any v3 Name Constraints at all.
> Why Ubuntu and Firefox tolerate this is beyond me; I can
> understand trusting Microsoft to sign Microsoft-related stuff,
> but allowing them to sign /anything and everything/ ?!????!!
>
> Actually it's even worse than that, because people like
> Microsoft have been issuing subsidiary certificates with
> unlimited power, so you don't even need to capture a root
> CA; all you need is one of the subsidiary certs.
>
> Forsooth, one would think that if these Authorities had any
> sense at all, they would voluntarily put constraints on their
> own certificates, just to make themselves less of a target.
> Issuing an all-powerful cert is like walking through a bad
> neighborhood pushing a wheelbarrow full of cash. If you
> carried less cash, you'd be less of a target.
>
> Forged certs are a documented problem in the wild. No tin-foil
> hat required:
> https://www.linshunghuang.com/papers/mitm.pdf
>
> SSL "packet inspection" is an article of commerce. The fact that
> this is even remotely possible tells me that SSL fails to provide
> the thing I most want it to provide.
> https://www.google.com/search?q=%22ssl+packet+inspection%22
>
> That crunching noise you hear is the sound of dead canaries
> underfoot. We really need to take action to reduce exposure
> on this issue.
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
--
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140719/8bd19085/attachment.html>
More information about the cryptography
mailing list