[Cryptography] The EFF 650 CAs lie

Rob Stradling rob at sectigo.com
Tue May 5 08:46:42 EDT 2020

On 02/05/2020 04:52, Phillip Hallam-Baker wrote:
> On Fri, May 1, 2020 at 5:21 PM Rob Stradling wrote:
>     Here's a new number for you, FWIW.  Using the (quoting PHB) "a CA is
>     a body that has control of at least one Certificate signing key"
>     metric, I reckon there are about "170 CAs" at the moment.
> Now that is an interesting data point. Any idea what would be driving 
> the change?

The change from what?

(You've reminded us of the flaws with the EFF's "650 CAs" soundbite, so 
I presume that's not the datapoint you're comparing "170 CAs" against).

> Are these unconstrained CAs that can issue any cert or a cross certified 
> issuer operating under a constrained intermediate?


CAs are not required (by Mozilla's policy, etc) to disclose technically 
constrained CA certificates to the CCADB, and so most are not disclosed. 
  (I just re-ran my analysis but filtered out "CA Owners" that only 
operated technically constrained CA certificates; however, the resulting 
list was unchanged).

BTW, ~10 of those ~170 don't operate intermediate CAs capable of issuing 
trusted server authentication certs.  (My analysis included them because 
they're capable of issuing trusted S/MIME and/or Code Signing certs).

> This is one of the reasons accuracy matters. If we accepted the 650 CAs 
> number as valid, this would look like a reduction. But the number seems 
> to actually be increasing. And its hard to see what the commercial 
> driver would be for that at the moment what with one of the dominant 
> players giving away the product for free.
> If it is driven by governmental concerns, that would be interesting. 
> Though another possibility is that the cost of setting up a CA has 
> reduced over time due to standardization of practices and procedures, 
> the time taken for a CA to be useful has reduced due to mandatory 
> browser updates and former affiliates to major CAs are trying to 
> establish their own.
> It would be interesting to know what the reason is.

Rob Stradling
Senior Research & Development Scientist
Sectigo Limited

More information about the cryptography mailing list