Nelson B wrote:
> Gervase Markham wrote:
>> Fundamentally, when we had no market share, we had no leverage. When
>> we have some, we'll have some. So how about this for an idea to kick
>> around:
>> - CA Foo issues a bunch of duff certs to phishers
>> - People lose money
>
> Very little of this has happened historically because the existing CAs
> now in mozilla's list have been very very good at not issuing "duff"
> certs.

Right. But you are misinterpreting the causes and
effects. Very little duff issuance has occurred because
it isn't valuable. There is and there remains no value
in duff issuance, because phishing works without
certs.

This is the problem, pure and simple: attacks on value
bypass the CAs and certs. Response? Force them to
use HTTPS; Corollary? Certs will *then* be attacked
and duff certs *will* be issued.

> As evidence of this truth, I offer the HUGE amount of press
> (not to mention postings in this group) that a *single* duff cert incident
> got a few years ago. The press held that CA up to high standards
> precisely because that CA already had a reputation for doing a good
> job of avoiding "duff" certs.

I take anything written in the press with a grain of
salt. I'm sure they bought into the whole "perfect
security" myth and thought it was fun to write about...

Even though the Shmoo cert was obviously a bit odd,
it got issued. But no crook bothers to do that, unless
there is money to be made.

> However, mozilla is now considering changing its standards for admission
> to mozilla's trusted CA list. I think there is substantial risk of
> increased "duff" certs (especially SSL certs) from this plan.

There is a substantial, even huge risk of duff certs
being issued. On that we are agreed. But the _cause_
is that they will become valuable. And that only
happens when Gervase and HJ and others start
putting the cert domain name and cert signer on
the chrome.

When users start defending themselves from phishing,
then the certs will be valuable... then they'll be attacked.
Not before. Why attack a cert-protected site when you
can hack in and steal the database? Why bother with
any of that when you can apply to join ChoicePoint's
open search service?

It's a chess game, thinking several moves ahead.

>> - The MF decides, pragmatically, that CA Foo has sold too many certs
>> to yank their root cert, due to user inconvenience.
>
> This says to me that MF needs to hold a high standard before admitting
> certs to the list, because it's too difficult to take them out later.

"needs to hold a high standard..." Well, this is like
saying "let's ban guns!" To which the answer is,
"then only criminals will have guns."

Nothing that MF can do will slow down a crook.
Crooks laugh at those sorts of things (well, they
would if they knew about HTTPS ...)

>> - The MF instead declares that CA Foo's root cert will be yanked in 6
>> months, unless they clean up their act, and that sites should not
>> rely on CA Foo's certs working in 15% of browsers 12 months from now.
>
> MF might declare that, but I doubt it would ever enact the threat.
> Doing so would only hurt mozilla.

Right. I must admit I'm somewhat bemused by the
threat that MF would pull a root cert. But, in the
scheme of things, I don't see it makes a difference
to the security of the users, one way or another,
so I don't bother to think too hard on it.

> When something that previously worked stops working in a browser,
> end-users' perceptions are always "that darn buggy browser is junk",
> never "that web site's admin hasn't got a clue about security".
> Too many users live in caves. They wouldn't learn about the CA cert
> removal until their web pages stopped working. Then they'd gripe
> en masse about mozilla. Not about the duff CA, but about mozilla.

Yup. Once it's out there, that's it.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto