[Cryptography] hard to trust all those root CAs

Jerry Leichter leichter at lrw.com
Wed Jul 23 10:11:07 EDT 2014 

On Jul 23, 2014, at 8:32 AM, John Denker <jsd at av8n.com> wrote:
>> I forget the name, but there was a plugin that would warn you of
>> unexpected changes in location of the CA.
> 
> It can't be a very successful solution, if people refer
> to it in the past tense, and can't remember the name.
No, it was one of those experiments that seemed to fade away.  Clever idea, but we need more than clever ideas - we need widely adopted, working implementations.

> Note the contrast:  As currently deployed:
>  SSL relies on authority, with no pinning or notary.
As I mentioned earlier, Chrome actually implements pinning.  See http://blog.chromium.org/2011/06/new-chromium-security-features-june.html

There's a bit more at https://www.imperialviolet.org/2011/05/04/pinning.html

which indicates that all Google properties use pinned certificates.  It's not hard to add your own pins (though of course that's at best a hobby for a tiny minority of users), and Google said they would consider adding others to its official list on request.  On the other hand, it also says that "User installed root CAs are given the authority to override pins" - so that corporate MITM proxies will continue to "work" (for the appropriate sense of "work") if the corporation installs its own root CA's.  Sigh.

Apparently (https://viaforensics.com/resources/reports/best-practices-ios-android-secure-mobile-development/41-certificate-pinning/) "[T]he official Android Twitter client includes certificate pinning.".

However I find little evidence that pinning, or any related technology, is receiving widespread adoption beyond those special-case experiments.  (Apps are a great use case, since they know who they need to "call home" to.  But for all too many apps even using https rather than http seems to be too much trouble.)
                                                        -- Jerry

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140723/e8e96730/attachment.bin>

More information about the cryptography mailing list