hip2b2 asks:
"SSL over HTTP is becoming a very popular way of securing websites for eCommerce and other forms of secure transactions. A vital ingredient of a SSL protected website is an SSL certificate.
In the Philippines, most of the secure website here buy their certificates from Verisign.
Why should we trust a certification authority that is located in a different country and charges and arm and a leg for a certificate instead of a local one? I can pay 349USD for a Verisign or 125USD for one from Thawte, which is not cheap here. With an exchange rate of around 48.50PHP per USD, this amount is beyond the reach of most local sites who just want to setup secure sites to try out the technology or use it for some charitable purpose. How do we expect to promote the use of SSL in our websites locally with these prohibitive costs? This problem is not limited to the Philippines, I presume that other countries could also relate to this issue." Right now, the cost of an SSL certificate is one of the prices for doing business on the internet (in addition to bandwitdh costs), but what would it take to start up another company that issues CAs, especially if you want to do it outside of the US?
"Is it a question of trust? Do local ecommerce and secure sites trust verisign more that say a local company that provides secure certificates? What confuses me is why is there no proliferation of trusted local institutional CAs? In the future, Verisign might end up being another Network Solutions.
Oh wait! Network Solutions is a Verisign company!
What are the barriers for setting up local country CAs? Right now, I presume that browser makers are the ones listing the trusted root CAs on their browsers by default. If my university were to setup a root CA how would we get netscape and the other browser makers to recognize us? or is there some sort of governing body for assigning root CAs like ICANN is supposed to be for name resolution? or could this be one of ICANN's eventual functions?"
Slashdot Mirror
Your web site sells statues. Your certification authority is in Afghanistan. The country of the certification might matter.
Yes, the insurance aspect of the big-time cert companies is nice, but more important for many businesses that do B2C ecommerce is that the "VeriSign" logo, like one from the Chamber of Commerce or Better Business Bureau, helps assure customers that there's a substantial business behind the Web site they see. But plenty of businesses do well without joining a CoC or the BBB (the best auto repair shop I've found locally belongs to neither, for instance), especially those that foster close personal relationships with customers.
I have never taken credit cards directly online for my limo business. I started it in pre-Internet days and still have the same old XON credit card terminal I got in the late 80s, and it still works fine. Customers either hand us their cards when they get in one of the limos or, if it's something like a business person whose company is paying or a celeb whose travel is being covered by a production company (which is how most celebrity transport is handled, BTW), a secretary or other admin person usually calls or faxes directly with the trip/charter information anyway and includes the credit card number and expiration date in that call or fax.
My limo partner and I are considering taking cards directly online before long. Small businesses (like ours) that don't have (*cough*) huge amounts of VC or IPO cash tend to be far more conservative than wing-ding companies because if we don't make a profit almost every single month we go broke. (The garage where we take our limos is *just now* thinking about putting up a Web site.)
But if I decide to take credit cards online, I am *not* going to fork over $200 or $300 or $400 for a third-party cert. I'll just put an ordering page -- one page -- on Joes's server and ride on *his* cert in return for a small fee, like maybe a six-pack or two.
- Robin
SSL is used for more than commerce. I use imap over ssl daily, but I use a self signed cert, I'd be nice to give my friends access and not have the security warning. I'm not going to a few hundred a year just so I can have security, so I do it halfway... Also, I use https to secure webmail when I'm not at home, but, it's not completly secure because of a self signed cert. Sourceforge uses ssl to log in, but they're not exactly selling thier open source software.
Not everythign on the internet is for making money.
The reason for having these expensive certs from these companies is that you are paying for that level of trust. If i was giving out certs for free there would be no reason at all to trust me. However having a big name like verisign as the provider of your cert is like wearing brand name cloths, its a status symbol and it brings with it a level of trust, which is very important for ecommerce sites to have.
Form what I've seen, it's not at all hard to get a bogus cert. You're basically paying for a rubber stamp. The primary reason certs are used is simply to convince the browser to open an ssl session without popping open 6 dialog boxes worth of FUD.
The certs themselves are simple enough to create (including a CA cert).
What is really needed is various levels of cert from self generated ones that simply allow encryped connections all the way up to one that represents careful auditing and controls to surely verify the identity of the server on the other end.
I notice that it costs a lot more to get a wildcard cert (*.my-domain) than a single one (www.my-domain) even though the level of verification is the same.
Verisign bought Thawte sometime back (I believe it was May or June of last year). They're essentially the same company. I think by buying a Verisign cert over a Thawte cert, you're essentially getting a better support structure, although honestly, putting in a cert is brain-dead simple and shouldn't require much in the way of support (I do it every once in a while).
But take a look at the costs again. It's $125/yr. for a Thawte certs (the drawback to a Thawte cert is that it doesn't work in older versions of Netscape and IE which make up less than 1% of browser usage). That's roughtly $10/mo. for a secure site which is not at all expensive. It's really not that prohibitive to setup an SSL site. Prior to the release of the RSA patent into the public domain, that was your primary cost (passed on through purchases of software like Stronghold), and that cost is now basically gone.
If I was a small business, I would gladly pay only $10/mo. for secure server capabilities.
The essay asks Ten Important Questions and attempts to explore each one with some depth. These are not necessarily obvious issues; you might not think of them unless you spent some serious time pondering the ramifications of Trusted Third Parties (TTP) and Public Key Infrastructures (PKI). If you read the essay and consider it carefully, you will realize that using PKI to realize a TTP electronically has some pitfalls and while these may be addressed, it is labor-intensive (read: not cheap).
A lot of the posts on this story have been predictably dismissive of the issues laid out in Schneier and Ellison's essay. Part of the reason for this attitude is that some of these issues seem contrived or academic until you are in a situation where there are serious consequences for getting them wrong.
To borrow an example from the field of US law, consider the case of Colin Ferguson. Ferguson shot and killed several commuters before being wrestled to the ground when he ran out of ammo. When the police arrived, the witnesses probably said,"This guy shot some people," not,"This guy allegedly shot some people!" The next day, millions of break-room conversations no doubt mentioned "The guy who shot all those people on the train," not,"The guy who allegedly shot all those people on the train."
Why shouldn't they? After all, barring supernatural circumstances, there wasn't really any doubt that Mr. Ferguson has commited the crimes of which he was accused, yet any attorney or responsible news organization would have carefully referred to Mr. Ferguson as "the alleged attacker" until the point at which he was found guilty. In the US, people are legally considered innocent until found guilty in a court of law, and people who are responsible for maintaining this system (lawyers, legislators, judges, and to some extent, the media) will (or should) assiduously use the term "alleged" until a conviction is obtained; in the case of Colin Ferguson, this detail seemed absurd, but like many of the "overblown" details of PKI, and TTP, there are important issues at stake (just wait until you are accused of a crime you didn't commit!).
Now that you are thinking about that, how would you feel about a witness affadavid(sp?) that was validated only with a digital signature, rather than in-person testimony. Nervous? You should be. (Don't panic, this would probably be a violation of your VIth Amendment right to face your accuser.)
It should be little wonder that the boilerplate "Certification Practice Statement" (CPS), that any Certificate Authority (CA) should have, was drafted by the American Bar Association (the professional assocation of American lawyers).
What the referenced essay was trying to do was not to trivialize or malign PKI, but the highlight the issues that ultimately make it expensive to do PKIs and TTPs correctly. Before you run out, download OpenSSL and start cutting some free certificates, you should really understand why paying US$1000 for the same cryptography might be worth the money when this is something valuable at stake.
- I'm fairly sure that if you serve your root certificate with an appropriate Content-Type, and Netscape will happily import it after confirming with the user.
You are correct, but the real problem is steering Joe-Sixpack to that CA cert location. Typical end-users just aren't aware of them or used to downloading them. I addressed this in another post.- the first time a web page comes up that's signed by CA X, the browser says "Here are the details for CA X. Do you wish to install this key permanently so that you will not be warned about certs signed by this CA in the future?"
Yes, but where does this CA public key come from? All the browser knows, at that point, is that the server certificate has been signed by an unknown CA. The CA's public key is not part of the SSL handshake. How do you redirect the browser to find the CA certificate for that CA without allowing an attacker to steer the browser to a bogus cert?For example, the browser says,"This certificate has been signed by Verisign. Do you want to accept Verisign's CA certificate (from www.h4x0r.com)?
- If they have *no* CA's, how do they import any other ones? Without a cerver cert, any imposter could (say) dos the CA, and spoof their address.
You have both failed to understand how CA certs work and brilliantly highlighted a little-considered problem with PKI.You need at least one cert in the browser
The CA certs that are embedded in the browser have absolutely nothing to do with downloading new CA certs. The new CA certs are just that -- new CA certs.
The problem you highlight is this: how do I know that the CA cert that I'm downloading actually contains the public key for the CA I think it does? When your browser quietly loads an SSL page, you have to just assume that the CA certificates that installed in that browser are valid.
The accepted solution to this problem is to publish CA certificates so widely that subverting a single channel would be unlikely to result in a signficant number of people obtaining the fake CA cert. Furthermore, a human can verify the "Certificate FingerPrint" (an MD5 or SHA-1 hash of the cert). This Certificate Fingerprint should be so ubiquitous that a fake CA certificate should be immediately obvious.
Of course, this assumes that you, the recipient of the CA Cert make some effort (or any effort, for that matter), to verify the CA Cert. Have you verify any cert you've ever recieved? I'd be willing to be that most people reading this have never done so.
In summary, the bootstrap issue is a big deal, although you are mistaken that you need a CA cert in the browser to verify subsequent CA certs; they aren't related.
- Very often, CA's certify each other.
No, they don't. You must be confusing one of two things.Sometimes a CA will sign the credentials of a subordinate CA. The new CA usually operates within a narrow context. When we have been talking about CA in this discussion, we have been talking about root CA's that are not certified by any other CA.
What I think you are talking about is cross-certification. Let's say that my company trust Verisign and your company trusts Thawte. If we want to work together, we can take the option of using the same CA, which means one of us has to go through the process of forming a new trust relationship. Instead, we can have a cross-certfied CA set up. This CA is endorsed (signed) by both Thawte and Verisign, meaning that my company will trust certs sign by the new CA and so will yours, although neither of us form a new trust relationship.
Even if you were correct, you still haven't solved the problem. Let's say I've got Verisign's root CA certificate signed by Thawte. How do I know it was really signed by Thawte? I need Thawte's root CA cert... and well, we're back at square 0.
- A CA will just have to convince the open source projects (possibly by donating money and/or servers and/or people contributing to the browser code) to get their cert in the default setup.
This is a Bad Thing(tm). By allowing an open-source project to include the CA's they want, I anticipate a veritable fuckload of weird CA certs embedded in Mozilla. (Maybe the Powers That Be on Mozilla or other OSS browsers will be hyperclued, but I, for one, don't want to take that risk.)Instead, OSS browsers should contain no CAs. Upon install, the browser may bring up instructions on how to find the most popular CA root certs. Then Joe Six-Pack will have to get them, or find himself constantly nagged on SSL sights. The upshot will be that the browser is not quitely trusting anyone, and Joe Six-Pack now has an awareness of CA certs and how to load them.
It's also possible to buy "wildcard certificates", e.g., for "*.mydomain.com", but these are very expensive and not all browsers (or other SSL software) know about them.
Sure, but then you have no way to be certain that your encryption isn't being compromised by a man-in-the-middle attack. Seem my other comments on this article.
Once I find a root CA that is trusted by most browsers, inexpensive, and is run by people I don't dislike so much, I'll certainly switch.
In the mean time, I'm reasonably happy with recommending Equifax to people who don't want to pay more money for Verisign/Thawte.
You do not at any time in the registration process (or afterward) give your site's private server key to Verisign. You only send them your public key, and that is what they sign.
This is not a back door, because ANYONE connecting to your SSL'd server gets that very same public key.
If the NSA can break the public key crypto and use your public key to compute your private key, they certainly don't need (or want) Verisign involved in the process.
You're missing the other use of certs - they prevent the man-in-the-middle attack, because VeriSign/Thawte (a trusted party with a known public key) can validate that they are giving you the "true" public key for that site, instead of giving you the public key for a middle-man machine.
Engineering and the Ultimate
1) The certificate authority also prevents man-in-the-middle attacks, because the CA has a known public key.
2) It is up to the browser vendors to decide who has a trustworthy network and who doesn't. If you can't trust your browser vendor on security issues, who can you trust(another reason not to use IE)?
Engineering and the Ultimate
Because this still doesn't solve the man-in-the-middle attack
Engineering and the Ultimate
The problem is that the certificate holders hold secret information (namely, your private key). Passport issuers don't have the same problem. There is nothing that guarded that they are holding. I trust my goverment with a picture, a name, and an address. I will not trust them with my private keys.
Engineering and the Ultimate
> My proposal, thus, is to transfer the handling of digital certificates to a governemnt
> (ideally international, thus UN) sponsored body which achieves thrustworthiness trough legal > backing.
> This anihilates the market and the situation of near-monopoly we presently face.
Only by going to a total monopoly system. And why do you make the assumption that governments are trustworthy? *I* certainly dont trust them.
> I mean, your passport is issued by the state and I'd venture to guess nobody even among the > most extreme libertarians would challenge that...
Sure I will. What gives governments the right to control my movements?
The situation may be bad now, but the solution you propose will only make it worse; who says SSL and the CA system is the final word in authorization/authentication? Why not let the market decide?
As a prevoius poster stated, if you or me gave out certificates for free, the value of the certificate fould be seen as low. This is in part because I'm not perceived as well known, stable, trustworthy entity (just ask my friends:) ). The other reason for distrust would be for the very fact that it is given for free; in other words, it's the same kind of effect taking place when people perceive linux of xBSD as being worse than Winxx because it doesn't cost anything.
Let's say a large, trusted entity (like IBM, or a large bank) would start giving out certificates for little or no money. Many would be concerned that they won't do a good background check, or be vigilant for abuses of certificates when the customers aren't paying for it. Also, the customers would get the sense that 'just anybody' could get hold of a certificate, which would seem to cheapen its value in itself. Basic psychology, really (and this is a large part of the reason why a Weight Watcher program works - at least temporarily - whereas magazine diets don't).
Trust the Computer. The Computer is your friend.
Why not become your own CA? If the user can't trust you, why are they visiting your site? (*) Complete instructions are here.
Sure, the browser asks the users to confirm (once only per browser per cert), but if you link from an unsecured splash page that tells them what to expect and how to react to it, they get over the shock just fine.
Expensive trust? Think of the RIAA: to artists, ``trust us because we can get you royalties''; to buyers, ``trust us because our stuff is legal [implication: and other people's stuff is at best second-rate]''. But it's similar to the one liner about big government: any organisation big enough to give you everything you want is also big enough to take everything you have.
(*) Note: IE ``the browser that reaches the places the other browsers miss'' has all manner of exciting ways to obliterate or export your precious data without warning you, and in some cases without you being aware that it happened. Oh, and it matters not whether this happens over an open link or through an SSL link sprinkled with with Thawte holy water. Where do you want your data to go today?
Got time? Spend some of it coding or testing
Two main reasons:
Trust - These certs are often a stamp of approval when conducting electronic commerece, etc, that the connection is secure, and that the party is who they say they are.
The first part is fairly straightforward. If you are using SSL then the connection is encrypted, and very likely secure.
It is the second part that makes certificates expensive. The Certificate Authorities (CA's) require a certain amount of information from you upfront before they issue a certificate. This is then used whenever you certificate is used to verify that you are indeed the person who originally received the certificate.
There are varying levels of assurance for this process. Most people opt for the basic level of assurance, which requires some paperwork and verifiable contact information.
There are additional levels which in some cases require your physical presence, a notary public, and some other contraints which I cannot recall, however, these are not used to my knowledge.
So, the root of the problem is that of trust. And trust is not cheap, when accounting for processing, maintenance, liability, etc. I beleive there is also a fair amount of cost to be considered a 'trustworthy' CA by the big browset CO's. Like Internet Exploder and Nutscrape.
If a non-profit cert company got set up with sufficient "trustability" (and that would actually take some serious legal doing) then their cert could be put in Mozilla. This may mean that it ends up in Netscape 6.x "by default" - as in, Netscape can't be arsed to take it out...
But I suppose "might" isn't good for a business model... on the other hand, the Mozilla organisation would almost certainly be sympathetic to any company wanting help to bring down the cost of SSL certs.
Gerv
Because I have had to work with them. The clue level was rock bottom, as they basically insisted that we were doing things that weren't possible, that there was no way in Hell that they would update their software to not require direct access to the hardware (ie. modem), and they felt that we were serious losers for not buying all our PCs an analog line and modem. Granted, they did use a SCO box to answer the phone at their end, but it was broken constantly, and each time they fixed the SCO box it required a painful reconfiguration and repair to their app, since they would never tell us when something went flooey. Very, very difficult to deal with as a company, but the were a couple of very helpful and easy to deal with front-line and support people. They were just as screwed as me, since they had to deal with their shit software and policies on a daily basis.
Obviously, I have a lasting impression of them that does not incline me to expect anything but a headache from them.
Have you had contact with them? Do you use them? Has the way they do business changed to the point where I could reassess them favorably?
--
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
Trouble is, you probably have to run the server on an MS-DOS machine, using M-LINK to communicate. Even after 2-3 months of talking to them, I couldn't get them to understand that our modems were not attached to the PCs, were not on COM2 and did not work with DOS. Their answer? Buy more phone lines, and a modem for each PC. It's 1999, you should have a modem for each PC.
--
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
Exactly, PKI is no joke... sure you can have peer authentication, but everyday people are *going* to make mistakes and add someone to their trust network that they can't neccessarily trust.
You are buying trust, and liability... if Verisign's infrastructure fails then they are liable for any damage to their customer's trust infrastructure. It may be that Verisign isn't setup for catastropic failure (do the research yourself). You need to see their contracts specify liability and how much, and who pays and who is backing them. Who provides their insurance? What does that policy cover? What's their PKI policy, how is this ENsured? How is that procedure audited?
This is why you pay.
And what would Verisign be forwarding, exactly? They never see the private key.
--
--
Mod up a post Rob doesn't like and you'll never mod again
So a customer can use SSL secured sites with knowledge that they have gone through a lot of work to make sure of thier identity, yet these very sites they visit may be operating through some ISP who offers SSL to a whole group of people!
Great, when my credit card number is stolen we can track down the trouble to an ISP that can just say "Sorrry, common carrier".
That's what really irks me about certificates. There is no gaurantee of trust whatsoever as far as I'm concerned, and it's just extortion at this point.
What does a certificate buy you? As a consumer, ALL I care about is that my communication is secured. Even if a company has (or seems to have) a certificate from a valid CA there is still NO WAY I am going to trust them with my credit card number until they have a reputation. What really needs to happen is a seperation of encryption and identification which are all wrapped in the same bundle right now.
I think all sites should just start generating thier own certificates. All it would take is a few big sites like Amazon to switch away from Verisign and the root CA's would be finished. The message you get isn't even all that bad, it looks so much like the message you normally see most people would just click right through it.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
What possible reason could there be to base the pricing on crypto strength ?
Because they can, it's as simple as that...
CA's are used to avoid man-in-the-middle attacks. SSH survives without CA's because it is assumed that a client will only be connecting to a handful of hosts, and therefore the user is able to personally verify each host key through physical means *. This assumption fails when applied to the web.
Your web browser currently ships with two (maybe more?) hard-coded keys: Verisign's and Thawte's. These keys are used to securely transfer the host keys of secure web sites you connect to.
I think each country needs its own CA, and I think browsers should ship with keys for all of those CAs. But it's really up to the browser vendors (by that I mean Microsoft, realistically).
* I know this doesn't often happen in the real world, but it should. You never know if your SSH connection is being relayed through another host unless you can verify the authenticity of the host key.
Hands in my pocket
If that's the case then who the certificates expire? Why are renewals almost the same cost as the new certificates? Why does a ceritifcate only apply to one server AND one DNS entry. If the cost of the certificate was due to someone verifying who I am then I should be able to make every single one of my server and subdomains be secure without paying extra. If I then purchase another domain and I present a receipt to the CA then I should be able secure every single subdomain of that too.
The real reason they can do this is because they have a monopoly.
War is necrophilia.
I did look at the other CAs, Most of them don't even sell to end users. I went down the list of CAs on IE and attempted to contact a good percentage of them and had zero luck. Most of them actually cost more then thawte.
Anyhow you failed to address any of my points.
War is necrophilia.
The use of the word "legitimate" in this case refers to the identity of the organization who have recieved the certificate. Verisign has gone to some length to verify that the certificate has been issued to the correct organization. So sure, Versign will ensure that the certificat they issue to Visa is actually being isued to Visa and not some Joe Scamartist looking to fish for credit card accounts.
But once again - this does not mean the business in question has legitimate business practices. Just because the Verisign certificate was issued to Joe's Imports, it doesn't guarantee that Joe's Imports will really honor the order for a PS2 I just placed and paid for with my credit card.
It might be worthwhile to point out that Verisign DOES support an ADDITIONAL program called WebTrust ( http://www.aicpa.org/webtrust/index.htm ). This seems to be a further step to linking a legitimate identity to a legitimate business practice.
For all the customer knows, the "Vendor Company" CA could actually be run by a malicious hacker trying to eavesdrop on his communications with your site. > when was the last time those who did know check the validity of a cert or the company that issued it?
A long time ago... Indeed, most of the times, the browser does it for me. However, it can only do this automatically if the cert is signed by a CA recognized by the browser.
> No thank you I would rather create, monitor, and control our own certs in house, and ensure that our information is to be used by our company solely.
This is ok as long as you only care about in-house communication, but what if you sell to outside consumers who have no way of doublechecking your certificates? First they'd somehow need to get your public key, or a fingerprint of it via a secure channel (telephone? postal mail? Neither is 100% secure), which would cost you lots of processing costs.
Next, if you're really so worried about whether Verisign and Trust-E are able to guarantee the security of their infrastructure, why should your customer believe that you are able to properly secure your private key?
There are some situations where you don't need to bother with CA-signed certificates:
- In-house use: install your own CA certificate in all user's browsers
- Customers with whom you deal in meatspace: hand them floppy disks with your certificate or public key, or hand them cards with your certificate fingerprint
- You just want to stop the casual eavesdropper, but are not concerned about sophisticated man-in-the-middle attacks
However, in the general case of e-commerce with customers that you never met physically, and where you care about security, certificates are indeed very useful.Errm, wouldn't it be more appropriate if the CA convinced the projects by showing that it takes its job seriously? Does the do reliable identity checks, or does it hand certificates out (in any name) to anybody who pays the fee? Is its network secure, or is its private CA key available to any 'leet script kiddie off the street? Just watching the size of the bribe^H^H^H^H^Hdonation seems to be awfully dangerous to me...
Btw, what do the current browsers companies do? Do they just make sure the payment is in, or do they also consider who the CA is? I'd date to hope it's the latter...
Very often, CA's certify each other. So Thawte could for example certify Verisign's certificate or vice-versa. That way, you'd only need one of them installed on bootstrap, whereas the other could be loaded dynamically in a 100% secure fashion.
Installing a new CA root certificate in your browser should be a concious choice. By doing so, you say that you trust the CA to properly verify the identities of parties to whom it grants identity certificates, that it appropriately manages its own security, and that it doesn't lightly delegate its CA authority to untrusted parties. There are some doubts about this last point, as it seems.
If your browser now doesn't warn you about potential security breaches caused by Equifax' carelessness, this doesn't mean that your browser is no more secure than IE, it just means that you, the user made a bad judgment by including Equifax's CA certificate in it.
While it costs almost nothing to make the certificate per se, checking the identity of the requestor, and maintaining the security of your certificate DB and CA private keys does have a cost. And what happens if somehow somebody tricks the CA into issuing him a fraudulent certificate which will then be used for hacking? Would the CA be liable for damages? Does it have to take out an insurance to cover these kinds of risks? What is the price of this insurance?
Why would they care what OS you run and how you are connected? Oh, they don't, they even list Apache + ssleay in their list of supported servers.
Equifax offers certs for as little as $79 per server. http://www.equifaxsecure.com/ebusinessid/
----- LoboSoft specializes in Digital Language Lab
I agree that SSL certificates are too expensive.
Personally, i don't give a rats ass about the 'Certification' aspect, i just want to be able to secure my web traffic in a user-friendly way.
It'll all be fun and games till we find out that Verisign promptly sends every key registered with them to the NSA for monitoring.
I gots ta ding a ding dang my dang a long ling long
Certificates at my company (Digital Signature Trust, at www.digsigtrust.com) aren't cheap either, but unlike most we have guarantees on our services. We're the only company in the world that's certified for many things like buying a house in the US with a purely digital signature (due to agreements with groups like Fannie Mae and the American Banking Association). We go through extensive (& expensive) industry and government audits to qualify (and we're the only ones who have passed in some cases). Make sure you are actually getting something valuable (proper authentication!) when you purchase digital certificates from anybody. A certificate without proper authentication and guarantees is worthless.
Very true, but ssh can be attacked via a man in the middle attack, especially on a persons first connection to a site (in theory, once you have the key, it will complain if the key changes (which would be a necissity for a man in the middle) - however, in practice, noone pays attention.
At least with a CA, you have someone certifing that "Certificate X is real", an dyou can verif that signature. So a man in th emiddle would need to get his bogus cert signed by verisign (or another trusted ca) - good luck on that.
Should just make a "web of trust" style system. Have sysadmins from ISPs and web hosters sign eachothers keys, and sign the keys of the peopel they host for etc...and build a big web.
hmmm its an idea anyway
-Steve
"I opened my eyes, and everything went dark again"
From the point of view of a customer, having a trusted third party to verify a web site's identity can help you know that a web site is probably who they claim that they are.... If people started scamming IDs with thawte or verisign ID,s it would break the trust that people have in thawte/verisign Certs -- that would lessen the value of getting thawte/verisign certs -- and browser builders (Netscape, MS, Mozilla, etc.) might stop putting their public root cert in their default cert list.
If all you're doing is talking to yourself, and people who know you personally, you can give them a copy of a floppy/CD with your root cert on it and they (you) can install it on the remote machine.
If you then generate your cite cert, and then remove the private key of the root cert from the machine then -- barring a breakin where your root private gets stolen/coppied, you have some physical certainty that your key is not compromised.
This, of course, requires that your machine remain otherwise secure.
----
I use my own, private cert, on my personal web site. I trust it completely. If I was going to be doing sensitive work remotely, I'd use it in preference to a thawte or verisign key -- however, I'd personally install the (my) root cert on my remote machine(s).
--
Free Software: Like love, it grows best when given away.
Does it require people to manually update their master certificates? This usually doesn't go down too well with joe-sixpack.
Then provide an "installer" program to update the certs. If Joe Sixpack will run elfbowl.exe or sextris.exe, then he'll probably run install-certs.exe. And if you play some cheesy animation while the certs are being updated, this program will spread just as fast as elfbowl.
All your hallucinogen are belong to us.
Will I retire or break 10K?
The kind of trust you get when you buy a certificate is one of traceability. You get the assurance that that magic number you hold can be traced physically to an established institution. Which means, there must be an office and all the installations of a company to pay for. There must exist a person who is ultiamtely responsible for those certificates, and there must be some way to locate and punish that person if the certificates are false. One cannot emit certificates from a virtual address, that would break the accountability chain and would be a logical impossibility.
Good point. Not that I don't trust verisign, but why would I trust some relatively unknown certificate provider in the Philippines?
I think it would be wrong to try to convince browser makers to add every kind of certificate authority by default. Instead, you should team up with the major ISP's in the Philippines (and ideally the government) to create a local one.
Now, why do you need the support of ISP's? Well, because (at least this is the case in my country, it might not be true in the Philippines) most users get a disk from their ISP when they sign up, and generally keep on using that software without bothering to download updated versions of the software over the net. These disks could add local modifications, such as adding the local certificate provider among the trusted authorities. This would most likely make 90% of the users happy, and the rest should probably be technical enough to understand how to add an additional authority themselves.
Ok, perhaps less than ideal, but I think it would solve the Philippine problem. If your site deals with international customers, you would probably have to resign to an expensive verisign certificate, or accept loss of customers due to confusion or mistrust. But from my understanding, the problem was mostly relating to Philippine websites targeting Philippine users. Case closed.
I don't know specifically about SSL, but I know when it came to buying something else from VeriSign, it was *cheaper* to go through a VeriSign affiliate than it was through VeriSign. It doesn't make a whole heck of a lot of sense, but companies that resell VeriSign products sell for less than VeriSign.
Go figure.
Maybe the state's highest function is to grind out insoluble problems. (Zelazny, Hall of Mirrors)
Silly me... I always thought it was their massive installed base of merchants that made these names valuable to consumers. Just goes to show how little I knew.
PJRC: Electronic Projects, 8051 Microcontroller Tools
So with that little marketing gem in the back of your head, go poke around the web and view the certificates for every SSL site you come to. Since I bought a cert last summer, I've taken a peek here and there, and the vast majority of sites with SSL certs are using Verisign, with a minimum price of $349.
The conventional marketing wisdom of pricing, Thawte is a give-away at $125. Verisign acquired Thawte some time ago, and they still haven't raised Thawte's long-standing price that's about 1/3rd of when Verisign charges. Since I use Thawte, I hope they don't raise the price... though it would probably be a good business decision, absent of other considerations (they're probably smarter than most monopolies and know they'd be acused of monopoly pricing).
Now these slashdot threads often are all sorts of comments about what's "right", when "should" and what "ought" to be. I'm sure a number of slashdot regulars reading this post will feel it's morally wrong... but before flaming, remember that setting prices is about Marketing. If some marketing guy came to me and starting spouting off about how to write code and design circuitry, he'd be just as far outside his area as I'd be (an engineer) trying to tell marketing experts that a price "ought" to be low because some small customers in other countries can't afford a cert (or at least will complain about the price).
Are the Thawte/Verisign prices a "rip-off"? Even if the product costs absolutely nothing (which isn't the case here), a good metric for pricing is what the market will accept. Thawte did quite well offering a lower cost alternative, but the truth is that they didn't overtake Verisign offering the same product at 1/3rd the price, so for most customers the price certainly isn't too high.
There was a brief time when I wasn't happy about having to pay $125. Maybe I even felt is was a "rip-off" for a while. The truth though, in the larger picture, is that even Verisign's price, at nearly three times when Thawte charges, isn't a big deal to most customers. It would be a very bad business decision to lower the price based on whining from a tiny fraction of the potential customer base.
PJRC: Electronic Projects, 8051 Microcontroller Tools
It has little to do with trust. For all practical purposes, web users trust exactly the CAs that their browser distributor "trusts". Except that "trust" is not the right word for the latter relationship. Probably only a few people really know a CA gets into the default "trusted" list of the major browsers, but it's not likely to be trust.
The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
Really? I'm fairly sure that if you serve your root certificate with an appropriate Content-Type, and Netscape will happily import it after confirming with the user. You can check Netscape's MIME mappings (in the preferences under "Applications") to see the handler and MIME type. I'd be rather surprised if Internet Explorer doesn't also support this.
If you've got a secure connection, who gives a crap?
My school runs a mail server running debian, and they've signed their own cert. We don't give a crap that verisign hasn't signed it. All we care is that it _is_ secure.
We'll probably get around to changing the date soon.
---
Desperation is a stinky cologne
You guys need to check out http://www.freecert.org. The project is designed to provide free or low-cost SSL certificates to individuals and qualifying organizations. It's a great project - and it would get a big boost with some more people. So go check it out and volunteer!
and what are the units? functions? lines of code? files?
Recursion (n): See recursion
That might be true for US companies. From Europe, all it takes to get a Global Id, is a phone number where Verisign calls back and verifies that the other side knows about the Global Id application.
And the real bummer is, they don't even require that the phone number is at the actual company the certificate is for. In our consulting company, we ordered many certificates for our clients and "verified" these certificate applications by being the point of contact for Verisign. And we were open about this against Verisign - we didn't make up a fake identity that we were actually our client.
Some of our clients do online banking. Needless to say, we regularily [sp?] point out to our client's management that these Verisign certificates are not worth a penny from the point of security. OTOH, as one needs a CA where the respective root certificate is already in the end user's browser, there is no possibility to use other certificates.
And, to be honest, from a risk management point of view, it's not so problematic. The damages that may occur by some imposter (who also would have to fake DNS on the Internet and/or hijack TCP/IP connections at a grand scale, btw) are not high enough to let the business opportunity slip away. It all boils down to the fact that there is no 100% security. You have to look at the risks, the damages that may occur, analyze them and decide if your're going to use this technology nevertheless. And for most B-to-C business, it's good enough.
Now, for B-to-B business, that's an other story because the sums involved are much higher and one usually doesn't have a money limit on the transfers.
Joachim
People don't write Manifestos any more -- what's going on in this world? [Frank Zappa]
What would it take to create an "open" certificate authority? It could be run by the FSF, or some other non-profit organization. It's hard for me to imagine that all the geeks out there couldn't unite and create a system that issues low cost or free certificates. Heck, slashdot could get into the CA biz! Just about anybody could, yahoo, amazon, wal-mart. What's so hard about it anyway? The only challenge I can see is verifying that people are who they say they are - right now an almost monumental task to prove to the CA's. Seems they want everything but a DNA sample.
I think no one has really complained about the price of a cert much because businesses mostly use this type of service, and for a business $125/year isn't that much. But what about individuals buying certs to secure private information - seems reasonable if you can get the cost below $40/year. There is a market here. I bet it's only a matter of time before someone starts to offer a lower priced solution.
I run a discount web hosting and web design company, and I think a lot of our customers would be interested in having some type of secure cert if the price wasn't above $40/year. Right now we just resale the use of our cert because the price is too high for them to get thier own. Something to think about anyway.
Perhaps if a new CA sprung up overseas, and charged reasonable prices in the local currency, it would draw business out of the US? Is that necessarily a bad thing? I mean, we already have American cruise ship companies whose boats are registered in Panama, the Dominican Republic and other countries. Maybe some small but moderatley web-saavy country could bring big $$ to their country by starting such a CA? (I mean, who would actually look to see that their SSL chain of trust starts in Togo?)
No, it shouldn't. But in reality, it does. Most people tend to things that are nice/clean looking over something that's been cut and pasted together. That's why marketing is everything. And good marketing comes from good image making. And you need money to make a good image.
Unfortunately that "one click" is owned by Amazon.
No, but if you had read the price sheet, you would see that they do add some consulting services with the 895$US package. (I don't know what they actually do for those services, but it is something other than just the extra 88 bits)
Not only is it a temporary offer, but at the very end of the registration process, you have to produce your companies' articles of incorporation. So it's great for a small business, but still doesn't help private individuals. Is there a solution for us?
Well, I run a few web sites, and I've thought about getting a cert from verisign, but thought better of it... It's just too expensive! At the moment I've just signed my own cert, but I am getting a free cert from GlobalSign. It seems though, that it is only a temporary offer - But I'm hoping they'll keep offering free ones, for charity or very small companies ;-)
I hope you can use it!
Any technology distinguishable from magic, is insufficiently advanced.
In Hong Kong, that's what the Post Office is doing. We also have an Electronic Transactions Ordinance to back it up legally. The Ordinance gives the Post Office CA official recognition by the government. This gives the CA much better legal authority than simple inclusion in major browsers.
Why do people prefer MasterCard, Visa, or AMEX? These are credit companies with history, and a somewhat good repulation. When I login to a secure site, and my brouser presents me with a cert, I like to see that Verisign or Thawte has "branded" that cert. While most slashdot users remember that https = secure, more "average" users just don't have a clue. Why Verisign? be cause they are the one that the masses know, and think that they trust.
As to startig your own CA, i quote from Webopedia
The role of the CA in this process is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be. Usually, this means that the CA has an arrangement with a financial institution, such as a credit card company, which provides it with information to confirm an individual's claimed identity
So, you have to have money and connections, but it is possable to start one, even outside the US, as proved by this artical that talks about a CA in asia. Again with references to close ties with financial institutions.
Maybe there is hope, but it seams a pretty slim chance that just anybody can come up with code for encryption and then start selling them...
It's called price discrimination. Take in more revenue by creating cost-neutral differentiations in your product line that will sort out your clients based on their willingness to pay.
It's the same thing used by airlines when they requre a Saturday-night stay for discount fares. Perfectly acceptable business practice, in the absence of a monopoly (in which case the mildest of things can become abhorrent).
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
Read your browser's documentation to learn how to import your home-perm-kit CA's cert into the browser. Presto, no more warnings.
I don't understand what you're getting at here, but there's no difference between using one computer to create the certificate, and using two.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
This is for public use? Install a single SSL-enabled reverse proxy in front of your servers. Use a URL scheme that allows you to split the traffic as necessary.
Or, if it's for internal use, under no circumstances should you buy a certificate. There's absolutely no point.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
Yet, Thawte, which Verisign owns, has no such requirements. You can get a certificate from them that works just as well, for much less money.
Last time I applied for one, the only documentation they needed was a faxed copy of the Secretary of State's acknowledge of receipt of incorporation papers, and maybe an old phone bill or something.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
--
Top Most Bizarre/Disturbing Error Messages
Companies need to charge something to pay for the necessary checks to ensure you are who you say you are and also to handle revokations, etc. But $125/year seems kinda high, especially when you often need more than one certifictae to properly secure multiple services.
--
Top Most Bizarre/Disturbing Error Messages
With Verisign being a Network Solutions company... ooh wait, It's vice versa.
There should be different country "verisign" type SSL cert. providers, just in case of different currency interests. Nationalism is a slight concern here, as when currency is involved, most countrys like to deal with that "inside"
That's just mho tho
blah
You should read the article... Think about the CA business really good for a second.
CA sells certificates to ensure your data is encrypted between client and server. You, yourself as a vendor can create your own certificate which costs nothing. Now... do you know entirely that the CA company is entirely secure, simply because they claim to be?
Things to think about:
Who gave the right to these companies to issue certificates, their is no governing entity to monitor these companies security policies. Are their employees trustworthy, is their network trustworthy, whats the difference between seeing a "Trust-E" certificate and "Vendor Company" certificate?
Most people aren't really keen on whats going on between SSL on the client and server side, and when was the last time those who did know check the validity of a cert or the company that issued it?
So you mean to tell me you would dish out a couple of grand because a company "says its so and xxx certificate is the definitive line on secure services?"
No thank you I would rather create, monitor, and control our own certs in house, and ensure that our information is to be used by our company solely.
who's that girl?
360 degrees of Karma
Ten Risks of PKI: What You're not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier
Very informative (mirrored) document explaining this question and others in detail.
Swedishporn
360 degrees of Karma
Actually, it's something of a hassle just to get a legitimate cert. You must, for instance, have a Dun & Bradstreet listing (among some of Verisign's irritating requirements.) Of course, it's possible to fake your way into it, but these companies provide a fairly decent level of identity verification.
What is really needed is various levels of cert from self generated ones that simply allow encryped connections all the way up to one that represents careful auditing and controls to surely verify the identity of the server on the other end.
The problem is that it's hard to explain to a browsing user exactly what level of authentication they're using. I mean, most people are just learning to look for that little padlock in the corner of the window. Imagine trying to explain the difference between a simple encrypted link and a fully authenticated connection in an unconfusing manner?
Anyone can generate their own SSL certificate, but what assurance does the customer have that you are who you say you are. It doesn't much matter if your transactions are done securely if they aren't go to a legitimate company. As anyone who has applied for an SSL certificate knows, it's not a 5-minute process. You have lots of online forms and paperwork to fill out, credit checks are done, and you need to provide documentation that your business is legitimate before companies like Verisign or Thawte (now owned by Verisign) will issue you a certificate. The have already done the footwork to ensure that the company you are dealing with is legitimate and not just some scam artist looking to collect credit card numbers. While the pricetag might not be cheap, $125/year is a relatively small expense for a business. Most commercial ISPs provide a secure server for their customers for little or no charge on top of their regular hosting fees anyway. It is money I'm willing to spend to gain my customers' trust. If your company can't afford $125 to gain my trust, I don't think I would be comfortable doing business with them in the first place.
The original article says the price of a VeriSign SSL cert is $349 USD.
I think it should be noted that according to VeriSign pricing the $349 is only for a 40-bit cert. The 128-bit cert is now $895 USD.
Root CA's are not just added to the browser's by default. The companies representing the CA must PAY Netscape and Microsoft to have them in there. And trust me, it is ALOT of money. I worked for a company that has a CA, and when we wanted to put it in the browsers, it cost us on the order of $200,000 US$ to get it in both. And if you don't have your CA in the browser's, and you try to setup SSL with the browser using a certificate issued by your unlisted CA, the browser freaks out, basically telling the user the site is NOT TRUSTED. This is a good mechanism in theory, but when the browsers charge this kind of money, it borders on holding a company hostage.
.
....
Of course, you can always manually import a root CA, but this is generally beyond the scope of Joe Six-Pack just trying to login to check his stock quotes.
Of course, the fact that now a handful of commercial companies are the only players in the game is normal. This happens with lot of new technologies. But, also as in a lot of technologies, there comes a time when the technology should be available to more people without having to support a few commercial players.
The idea of trust, which is what the main point is here, can also be handed to an open institute without the goal of profit making.
Just like open source software exists because it fulfills a legitimate goal (slashdot-readers know all about that), the trust needed to secure a website can also be laid in the hands of a trustworthy open institute.
The intellectual property isn't an issue here. A group of people in the know would relatively easy be able to set up such a secure institute for handing out certificates. It's not like this idea is patented. And I expect after a while this will be accepted by the Internet community, including browser makers etc.
Effectively, this will be accepted just like all the Internet protocols are accepted (and are in fact the basis of the complete Internet).