[Cryptography] The EFF 650 CAs lie
cryptography at dukhovni.org
Wed Apr 29 16:20:48 EDT 2020
On Tue, Apr 28, 2020 at 11:36:45PM -0400, Phillip Hallam-Baker wrote:
> Years ago, the EFF set up its infamous Certificate Observatory, looked at
> the network of public intermediate certificates that had been issued,
> called each intermediate a 'CA' and issued what has become the zombie lie
> of 650 CAs.
> It was not a deliberate lie at the time it was said but it has become a lie
> since with the obstinate refusal to correct the record. I am going to be
> taping a module on PKI for my course on cryptography and it would be much
> better for all concerned if I could say the EFF has finally retracted this
Does the exact number matter much? Suppose it is ~65, is that
On a Fedora 31 system, the OS installs 138 self-signed trust anchors;
when I extract just the "O=" component of the subject DN (falling back
on "CN=" when "O=" is absent), I get 69 unique case-insensitive names:
AC Camerfirma S.A.
Agencia Catalana de Certificacio (NIF Q-0801176-I)
Autoridad de Certificacion Firmaprofesional CIF A62634068
COMODO CA Limited
China Financial Certification Authority
Chunghwa Telecom Co., Ltd.
Digital Signature Trust Co.
E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş.
GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.
Google Trust Services LLC
Government Root Certification Authority
Hellenic Academic and Research Institutions Cert. Authority
Internet Security Research Group
Japan Certification Services, Inc.
Krajowa Izba Rozliczeniowa S.A.
Network Solutions L.L.C.
SECOM Trust Systems CO.,LTD.
Staat der Nederlanden
Starfield Technologies, Inc.
T-Systems Enterprise Services GmbH
The Go Daddy Group, Inc.
The USERTRUST Network
TrustCor Systems S. de R.L.
Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK
Unizeto Technologies S.A.
XRamp Security Services Inc
eMudhra Technologies Limited
A few of these are clearly alternative names for the same organisation,
but it seems safe to estimate that there are at least ~50 distinct
entities on the above list.
So, OK perhaps an order of magnitude fewer than 650, but does it make
enough of a difference to call the larger naïve estimates "lies"?
I still don't know who most of these are, and probably would prefer to
not unconditionally (i.e. without name constraints) trust all of them.
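The counting procedure described above (take "O=" from each anchor's subject DN, fall back to "CN=" when there is none, dedupe case-insensitively), as an added Python example that is not part of the original message. It expects subject DNs in RFC 2253 form, which is what `openssl x509 -noout -subject -nameopt RFC2253` prints for each anchor; the sample subjects below are constructed, and a real run would feed it the subjects of the system's own trust anchors instead.

```python
from typing import Dict, Iterable, List, Optional
def parse_rfc2253_dn(dn: str) -> Dict[str, str]:
    """Split an RFC 2253 DN ("CN=x,O=y,C=z") into {type: value}, honouring "\\,"
    escapes ("Chunghwa Telecom Co.\\, Ltd.") that a plain split(",") would break.
    Hex escapes (\\XX) pass through undecoded; for a repeated type the first wins."""
    if dn.startswith("subject="):              # tolerate raw `openssl x509 -subject` lines
        dn = dn[len("subject="):].strip()
    rdns, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):  # escaped character: keep it literally
            buf.append(dn[i + 1])
            i += 2
            continue
        if dn[i] in ",+":                       # unescaped separator ends the attribute
            rdns.append("".join(buf))
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    rdns.append("".join(buf))
    attrs: Dict[str, str] = {}
    for rdn in (r for r in rdns if "=" in r):
        typ, val = rdn.split("=", 1)
        attrs.setdefault(typ.strip().upper(), val)
    return attrs

def org_or_cn(dn: str) -> Optional[str]:
    """The 'O=' value of a subject DN, falling back to 'CN=' when O= is absent."""
    attrs = parse_rfc2253_dn(dn)
    return attrs.get("O") or attrs.get("CN")

def unique_issuer_names(subjects: Iterable[str]) -> List[str]:
    """Distinct names compared case-insensitively; the first spelling seen is kept."""
    seen: Dict[str, str] = {}
    for dn in subjects:
        name = org_or_cn(dn)
        if name:
            seen.setdefault(name.casefold(), name)
    return sorted(seen.values(), key=str.casefold)

# Constructed sample subjects in RFC 2253 form (not copied from any real bundle).
SAMPLE_SUBJECTS = [
    "subject=CN=Sample Root X1,O=Internet Security Research Group,C=US",
    "CN=Sample Telecom Root,O=Chunghwa Telecom Co.\\, Ltd.,C=TW",     # escaped comma
    "CN=Sample GTS Root,O=Google Trust Services LLC,C=US",
    "CN=sample gts root 2,O=google trust services llc,C=US",          # case variant
    "CN=Sample Root Without O,C=XX",                                  # falls back to CN=
]
if __name__ == "__main__":
    print(f"{len(SAMPLE_SUBJECTS)} anchors ->", *unique_issuer_names(SAMPLE_SUBJECTS), sep="\n  ")
```

The five constructed anchors collapse to four distinct names: the two Google spellings merge, and the anchor without an "O=" contributes its "CN=".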