Chris's Wiki :: blog/tech/CertificateAuthorityWeakness Comments
https://utcc.utoronto.ca/~cks/space/blog/tech/CertificateAuthorityWeakness?atomcomments
Recent comments in Chris's Wiki :: blog/tech/CertificateAuthorityWeakness. Feed updated 2011-09-13T18:04:13Z.

By Chris Siebenmann on /blog/tech/CertificateAuthorityWeakness
<div class="wikitext"><p>I wrote about multi-signed certificates in <a href="https://utcc.utoronto.ca/~cks/space/blog/web/MultiSignedProblem">MultiSignedProblem</a>.
The brief version is that if multi-signed certificates are optional, no
one will buy them (they are insurance against a very rare event), and if
they are mandatory they are effectively just a tax on SSL certificates.
Mandatory multi-signed certificates are the SSL CAs effectively saying
'you have to pay several of us because we can't be confident that any of
us are actually doing our job right'. The obvious answer is 'if you think
that you may not be doing your job right, why am I paying you at all?'</p>
<p>(The answer to that is 'because SSL is an extortion scheme'. You pay
an SSL CA to make the browser bar turn colours without your visitors
getting scary warnings.)</p>
</div>
2011-09-13T18:04:13Z

From 71.56.100.181 on /blog/tech/CertificateAuthorityWeakness
<div class="wikitext"><p>One of the biggest sins of tech people is dismissiveness. You have dismissed multiple signatures and focused on what appears to be your preferred flame target, web of trust. However, multiple signatures clearly is the answer here. If a certificate is signed by multiple trusted authorities and trust in those signatures is considered ANDed instead of ORed (as implied in your <a href="https://utcc.utoronto.ca/~cks/space/blog/tech/WebOfTrustFlaws">WebOfTrustFlaws</a> page), once any one of the signatures is called into question, the certificate becomes invalid.</p>
<p>This is the clear answer given that it's already been shown that governments, in addition to hackers, have been able to breach a single root CA and forge certs as much as they like. With multiple signatures, this becomes much more difficult.</p>
</div>
2011-09-13T15:12:23Z

By Chris Siebenmann on /blog/tech/CertificateAuthorityWeakness
<div class="wikitext"><p>There are two different models here: the 'web of trust', which requires
people to decide on trust authority themselves, and multiple signatures
from known authorities. Multiple signatures is simply an extra tax on
SSL certificates (sure to be popular with the CAs, extremely unpopular
with everyone else). Web of trust has the same problem as every other
attempt to delegate security to end users; you are pushing the hard
problem (picking trust roots) to a lot of people who have neither the
experience nor the interest to do it well. I wrote about the whole issue
in <a href="https://utcc.utoronto.ca/~cks/space/blog/tech/WebOfTrustFlaws">WebOfTrustFlaws</a> and <a href="https://utcc.utoronto.ca/~cks/space/blog/tech/WhoManagesSecurity">WhoManagesSecurity</a>.</p>
<p>(I've also written about general SSL issues before,
<a href="https://utcc.utoronto.ca/~cks/space/blog/web/SSLCANeed">here</a> and <a href="https://utcc.utoronto.ca/~cks/space/blog/web/MultiSignedProblem">here</a> and
in things they link to. And other entries too. It's a rant topic for
me.)</p>
</div>
2011-09-12T17:19:11Z

From 71.56.100.181 on /blog/tech/CertificateAuthorityWeakness
<div class="wikitext"><p>Don't forget the PGP/GPG or "web of trust" model. In that model, a key is signed by multiple trusted authorities, instead of a single one. This makes it much more difficult to forge a certificate since multiple authorities need to be compromised.</p>
<p>This should have been the route SSL took from the beginning, which would have avoided many of the current issues.</p>
</div>
2011-09-12T15:51:35Z
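The ANDed-versus-ORed point argued in the comments above (a certificate signed by several CAs being rejected as soon as any one signer fails or is distrusted, versus today's any-one-signature model), as an added toy model in Go; this is not code from Chris's Wiki or from the commenters. The CA names, the quorum of two and the TBS strings are constructed stand-ins, and Ed25519 stands in for whatever signature scheme the CAs would actually use.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
)

// Cert is a toy multi-signed certificate: TBS bytes plus one signature per issuing CA, keyed by name.
type Cert struct {
	TBS  []byte
	Sigs map[string][]byte
}

// Roots is the trust store; deleting a CA from it is how a compromised CA is distrusted.
type Roots map[string]ed25519.PublicKey

// good counts the signatures on c that verify under a CA still present in the store.
func (r Roots) good(c Cert) (n int) {
	for issuer, sig := range c.Sigs {
		if pk, ok := r[issuer]; ok && ed25519.Verify(pk, c.TBS, sig) {
			n++
		}
	}
	return n
}

// ValidOR is today's model: any one trusted signature is enough.
func (r Roots) ValidOR(c Cert) bool { return r.good(c) > 0 }

// ValidAND is the ANDed model: at least quorum signatures, every one of which must verify under a trusted CA.
func (r Roots) ValidAND(c Cert, quorum int) bool {
	n := r.good(c)
	return n >= quorum && n == len(c.Sigs)
}

// Scenario: two CAs, a legitimately double-signed cert, and a cert carrying only CA-B's signature
// (what issuance through a compromised CA-B yields); reports how OR and AND treat each, before and after distrust.
func Scenario() (orAccepts, andAccepts, andAfterDistrust bool) {
	roots, priv := Roots{}, map[string]ed25519.PrivateKey{}
	for _, n := range []string{"CA-A", "CA-B"} {
		roots[n], priv[n], _ = ed25519.GenerateKey(rand.Reader)
	}
	tbs1, tbs2 := []byte("CN=example.test serial=1"), []byte("CN=example.test serial=2") // constructed
	legit := Cert{tbs1, map[string][]byte{"CA-A": ed25519.Sign(priv["CA-A"], tbs1), "CA-B": ed25519.Sign(priv["CA-B"], tbs1)}}
	single := Cert{tbs2, map[string][]byte{"CA-B": ed25519.Sign(priv["CA-B"], tbs2)}}
	orAccepts, andAccepts = roots.ValidOR(single), roots.ValidAND(single, 2)
	delete(roots, "CA-B") // CA-B's compromise becomes known: stop trusting it
	andAfterDistrust = roots.ValidAND(legit, 2)
	return
}
```

Under OR the single-signed cert is accepted; under AND it is rejected for lacking the quorum, and once CA-B is distrusted even the legitimately double-signed cert fails, which is the "tax" Chris objects to and the invalidation the commenter wants.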