On Wed, Dec 07, 2011 at 04:47:29PM -0700, Ben Wilson wrote:
> But I'm not sure where the use of this number will lead us, if we were to
> say for example that most system operators could live with 20 or 30 CAs.
> Facing multiple simultaneous risks is nothing new. In our everyday lives we
> rely, simultaneously, on more than 20 or 30 people to do things right--I'll
> face that just driving home on the freeway tonight.
This is a really interesting analogy to the situation that TLS server operators presently face. It is also, I believe, a disanalogy in some important risk assessment senses.

In the case of your drive home, it is true that you have to trust hundreds of other drivers not to engage in reckless or malicious driving. Your strongest protection is that these other drivers would also endanger themselves if they were careless and malicious. The alignment of incentives helps somewhat (and this is somewhat true for CAs, too).

Now let's consider the disanalogies. The first is that the risks we're talking about are multiplied across the millions of server operators and billions of users who depend on TLS. In that sense, it would be more reasonable to compare the risks of CA proliferation to the road toll for your entire metro area. In other words, the risk is a serious problem, real accidents are happening, they need to be prevented if possible.

A second disanalogy comes from the presence of known malicious actors. We know that state-supported actors have begun to attack TLS and CAs. We can also expect the commercial malware industry to begin attacking it if they aren't already. We know that these actors will figure out that they can attack any CA's network connection in order to compromise any TLS server in existence.

So now reconsider the analogy from the perspective of a server operator that knows they are targeted by these adversaries. They are counting the number of cars they have to trust on their drive home, given the knowledge that the Russian mafia is definitely looking to hijack one so that they can cause an unfortunate car accident. Under these circumstances, being forced to trust /any/ other cars that you didn't get to choose and audit yourself starts to become problematic.

Fortunately, I think this problem is fixable.
We just need to build the right cross-checking protocols so that domains can't be attacked by CAs or third parties other than those they chose to do business with.

--
Peter Eckersley                            [email protected]
Technology Projects Director      Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993
