[SSL Observatory] SSL CA compromise in the wild

Jacob Appelbaum jacob at appelbaum.net
Wed Mar 23 16:02:30 PDT 2011 

On 03/23/2011 03:48 PM, Ali-Reza Anghaie wrote:
> In this case or the case of the MS certs being bought at random, why
> aren't these roots being pulled from browsers or at least thoroughly
> humiliated with really forceful messages?

The Browser Vendors are afraid that people will simply jump ship to a
browser that "works" out of the box. Removal of a root will supposedly
decrease browser share and so browser vendors refuse to remove roots
unless absolutely forced.

I think leaking the private key for a root cert would be the only thing
that would force such an event.

> 
> Honestly, how hard would it have been for the big three/four browsers
> to have added a warning message for all Comodo sites. It would have
> made private customers have second thoughts on working with them, made
> other CAs double and triple check their work, etc.

The story I've heard a few times is no one wants to alienate the CA who
comes forward and does "the right thing" in the event of a compromise. I
think this is fair but it's also totally a cop out.

To put it another way, I used collusion in my writeup for a reason: I
feel that the vendors who did not IMMEDIATELY disclose mitigations and
full identifying information for certificates did so to prevent damaging
a private relationship with Comodo.

They acted against their users in the short term in hopes of keeping
this entire charade going for even longer. The idea is that in the long
term, they can keep helping their users because the CA will keep
contacting them. Back room deals do not make for a good security ecosystem.

The CAs have to be kept in check with technical measures and not with
vendor pandering. This is why systems like DANE make a good complement -
it requires a totally different set of compromises.

> 
> Inconvenient and annoying? Likely. But so is a 0300 knock and potato
> bagged escort out of your home in Tehran, Iran.. -Ali
> 

No kidding, right?

Most browser vendors don't understand the security game they're playing
when they make security promises. This isn't just about a PayPal account
getting hijacked.

Google is a company being targeted by State level security forces and
rather than shirking the responsibility, they're being as transparent as
is possible about their failures. They're also moving the industry
forward and innovating major security solutions, debunking the myths
(such as SSL costs), and more.

All the best,
Jacob

More information about the Observatory mailing list