Dailydave mailing list archives
Re: Questions about MD5+CA
From: Jon Oberheide <jon () oberheide org>
Date: Sat, 03 Jan 2009 04:44:15 -0500
On Sat, 2009-01-03 at 02:47 +0100, wishi wrote:
Dave Aitel wrote:
Totally. This was a good opportunity for Mozilla or the IE team to be thought leaders in security, and neither stepped up. The right thing to do would have been to announce an update that disabled the root CA in 10 days. That gives everyone ten days to get a new certificate from somewhere else. Security is about hard choices. Currently, we're all about sticking our heads in the sand - which devalues SSL as a security protocol entirely.
[snip]
If they don't revoke the root, the security of the PKI system from now until 2020 (when the RapidSSL cert expires) will rely on the assumption that our team did not make a second CA cert that nobody knows about and that nobody else did either. We didn't, but how can we possibly prove that? How can any CA that used MD5 prove beyond doubt that they have not signed a colliding key in the past?
[snip]
Security is about choices. For sure. About the choice to maximize profit at all costs, or not. That brings me back to "Perspectives" - the Firefox add-on. I personally don't trust CAs, or huge PKIs. The latter always get weaker, the larger they grow. And CAs are an economy of strangely named companies that no one transparently monitors. It's interesting: in theory PKIs work very well, as long as there's no money. ;)
On the other hand, I'd argue that PKIs are more effective when there _is_ money involved. While CAs will of course attempt to maximize profits, any commercial root CA included in popular browsers has a significant economic incentive to maintain its trust and reputation. Without revocation of the offending root CAs by browser vendors, it is sending a message that poor security practices will not be punished. Responsible (and justified, in this case) revocation is the only way to ensure that economic incentives continue to exist (e.g. "Revocation costs us X dollars so we need to invest Y dollars to ensure our compliance") to improve the security practices of these CAs.

Regards,
Jon Oberheide

--
Jon Oberheide <jon () oberheide org>
GnuPG Key: 1024D/F47C17FE
Fingerprint: B716 DA66 8173 6EDD 28F6 F184 5842 1C89 F47C 17FE
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave