[SSL Observatory] Number of CAs

Peter Eckersley pde at eff.org
Wed Dec 7 12:01:08 PST 2011 

Hi Ben,

There have been some flames on this list about the number of CAs!  We're
certainly interested in alternative methodologies that might get a count that
is more precise, both in terms of spotting multiple keys that live in
the same HSM and also effectively have the same attack surface, and in terms
of spotting CAs that aren't visible on public port 443.

But I guess from my point of view this isn't the biggest research question at
the moment.  Regardless of what the count turns out to be, it just isn't going
to be a number that's small enough for server operators to be comfortable if
they need to defend against resourceful and determined adversaries.  Honestly,
I think a lot of server operators would be nervous if you told them that they
had to simultaneously depend on 20 or 30 third parties not making errors, let
alone hundreds.  And as you know, the attack surface for domain validation
includes not only N CAs but also N CAs' ISPs and their ISPs' routers.

Where we hope the Internet community is moving is towards cross-checking
protocols that mean that the number of CAs, or the possibility of attacks
against their upstream networks, is not a security concern for TLS server
operators.  Lots of these are being proposed at the moment, and I guess the
Internet engineering community is going through the process of trying to work
out which are the most practical and desirable as both short- and long-term
solutions.

We have a long-term proposal that we've published
(https://eff.org/sovereign-keys) that we'd welcome CAs' feedback on!  There
are also at least half a dozen other proposals out there, which have a great
diversity of strengths and weaknesses, which this email is too short to do
justice to.

On Wed, Dec 07, 2011 at 11:56:58AM -0700, Ben Wilson wrote:
> Peter,
> 
> In an earlier post you wrote that the number "650+" for separate CAs came
> from the number of distinct values for the "Organization" field in the DN
> (out of more than 1500 CA certificates and 1200 DNs).  Many of us in the CA
> industry believe-from a purely objective standpoint-that the threat surface
> in need of attention is smaller.  Is anyone else besides a few of us CAs
> interested in analyzing this same general area (number of CAs) with
> different criteria in mind?  If the PKI hierarchies involved and physical
> location of CA keys were considered, then different conclusions could be
> made.  For instance, what would the map look like if the DFN-Verien root
> were removed?  It's just that the number "650" is now being used regularly
> in various venues to argue that the problem is that there are too many weak
> links-but while there may be a statistical correlation (the more cars there
> are, the more likely you are to get into an accident), the large number
> alone does not lead directly to the conclusions being made.  As someone
> mentioned to me recently, it's just a number, but what it connotes might be
> something more and statistics and visual representations support the case
> one tries to make.  All I am saying is that a number alone only tells us
> "how many" - it doesn't tell us anything about "good" or "bad."  In other
> words, a purely quantitative analysis without corresponding qualitative
> criteria brings about a different result and leads to a different conclusion
> than what course of action might be best.  Just some thoughts.
> 
> Ben
> 
>  
> 
> Benjamin T. Wilson, JD CISSP 
> General Counsel and SVP Industry Relations
> DigiCert, Inc.
> 
>  <http://www.digicert.com/> Visit DigiCert.com
> 
> Online:  <http://www.digicert.com/> www.DigiCert.com
> Email:  <mailto:ben at digicert.com> ben at digicert.com
> Toll Free: 1-800-896-7973 (US & Canada)
> Direct: 1-801-701-9678
> Fax: 1-866-842-0223 (Toll Free if calling from the US or Canada) 
> 
>   _____  
> 
> The information contained in this transmission may contain privileged and
> confidential information. It is intended only for the use of the person(s)
> named above. If you are not the intended recipient, you are hereby notified
> that any review, dissemination, distribution or duplication of this
> communication is strictly prohibited. If you are not the intended recipient,
> please contact the sender by reply email and destroy all copies of the
> original message. Thank You
> 
>  
> 





-- 
Peter Eckersley                            pde at eff.org
Technology Projects Director      Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993

More information about the Observatory mailing list