Slashdot Mirror


Free Certificate Authority Unveiled by Aussies

SonOfGates writes "Well, the Aussies have invaded Boston but at least they're not throwing tea into the harbor. AU-based nonprofit CAcert Inc has spent the last few days at USENIX '04 registering new users by the truckload. They bill themselves as a 'Community-Based CA.' Could this be the beginning of a true 'open' certificate authority? See the O'Reilly story and press release."

28 of 284 comments

  1. who else remembers by ErichTheWebGuy · · Score: 5, Insightful

    when Microsoft released that update for IE that included lots of new CAs? Anyone think this one will be included in the next one? My guess is no, judging from Microsoft's general resistance to anything open.

    But, we might be surprised. Opinions anyone?

    ps. Maybe they should patch the browser first ;)

    --
    bash: rtfm: command not found
    1. Re:who else remembers by 0racle · · Score: 4, Insightful

      Microsoft has no resistance to *everything* open, despite what you read on Slashdot.

      --
      "I use a Mac because I'm just better than you are."
    2. Re:who else remembers by ErichTheWebGuy · · Score: 2, Insightful

      It's actually quite simple to do this with Windows/IE as well

      Simple for people like you and me. Unfortunately, get your average end-user on the phone and ask them to go to https://www.cacert.org/ and install their certificate:

      "What? What's a certificate? What's this error message (about not having this certificate installed)? Ah, hell. An error. Time to reboot."

      --
      bash: rtfm: command not found
  2. But what browsers will support by Anonymous Coward · · Score: 3, Insightful

    I'm sure Mozilla/Opera might, but what about Microsoft? If Internet Explorer doesn't support it, it's unfortunately not very useful.

    1. Re:But what browsers will support by njdj · · Score: 4, Insightful
      If Internet Explorer doesn't support it, it's unfortunately not very useful.

      Translation: You still use Microsoft Internet Explorer.

      People who use MSIE obviously are not concerned about privacy or security, so CAs are irrelevant to them.

      Consequently, people who still use MSIE are irrelevant to those of us who are concerned about privacy and security. People who are concerned about privacy and security are a small minority of Internet users. That doesn't mean we shouldn't try to get the privacy and security we want.

  3. Maybe. by Saeger · · Score: 2, Insightful
    Could this be the beginning of a true 'open' certificate authority?

    Stumbling blocks would be that Verisign would still be the expensive 'gold standard' for quite a while because it's always been compatible from the early days in the most number of browsers, and another would be getting enough funding to pay for the identity check and other red tape that it takes to really be a 'trusted' cert authority.

    I wonder what the cheaper CA's like thawte and geotrust think...

    --
    Power to the Peaceful
  4. Finally! :-) by hackel · · Score: 3, Insightful

    This is one of those things we all say to ourselves "they should do this," yet it never happens. I'm really glad to see this. I can't wait until I can start recommending clients to them and supporting them with large (yet still much cheaper than Verisign/Thawte!) donations. :)

  5. Re:Verisign/Thawte = mafia by justMichael · · Score: 4, Insightful

    While I agree with you completely, it all depends on what you are using it for.

    The problem with rolling your own is when a browser hits it, it burps up an error saying it can't verify the validity of the cert. Depending on what you are using the cert for, who cares.

    I have my webmail server forced through https with a self-signed cert. If someone that uses my webmail server doesn't like it, it's no skin off my butt (I provide free mail to a few friends).

    For any business sites that I set up I suggest InstantSSL, they are cheap, fast and trusted by pretty much any browser around. And that is the important part when selling to the public, that they don't get some warning. Most of them will never even look to see if the page is encrypted but if they get some funky warning odds are they will leave.

  6. Cry cry cry, certs aren't free. by t0qer · · Score: 4, Insightful

    I don't see what everyone is crying about certs costing money for. Seeing as how I've set up online shops for several people using certs, I think for what they do, the cost is justified.

    Not just anyone can get a CA cert. You have to be a business, I know Verisign wants a copy of your business license, etc. before they even issue you a cert.

    Now we got this "open CA". Who is going to check if these are legitimate businesses? Will there be any checks done at all, or will it just be "by the truckload" as the headline said?

    I'm all for saving a buck as much as the next guy, but when I shop online, knowing that the cert came from a trusted source that actually checks if it's issuing a cert to a legitimate business like verisign or thawte puts my mind, as well as the minds of a lot of others.

    1. Re:Cry cry cry, certs aren't free. by mabu · · Score: 4, Insightful

      hmmm depends. personally i usually wouldn't be handing my cc number to a company that won't pay for its own cert and is using a shared hosting one, unless i already knew they were ok beforehand.

      First and foremost, the Fair Credit Billing Act of 1976 protects consumers against most credit card fraud, so the whole notion of fraud being a major issue is essentially blown out of proportion. If someone charges something to your credit card, you charge it back and the burden is on the merchant to prove the legitimacy of the transaction or they lose, so there's never been much of a threat for consumers anyway.

      Second, the way things have been going, customers are likely to get better products and services from smaller companies, many of whom may not be that technically inclined but instead tend to spend their energy on providing their core products and services and not running their own web servers.

      Our ISP handles more than US$5M/month in online transactions for many companies much larger than ourselves, and we operate most sites under our umbrella SSL Cert. Never had any complaints.

      The issue is not unlike Paypal. People accept Paypal on their web sites. When you go to complete the transaction, you're switched to Paypal's servers - there's no easy way around that. Consumers are used to this and companies like mine go out of our way to establish our reputation as a trusted provider of solid, secure e-commerce. Clients that use our services benefit from our reputation and performance. Everything works fine.

    2. Re:Cry cry cry, certs aren't free. by julesh · · Score: 2, Insightful

      It prevents man-in-the-middle attacks. That's the most important reason for me to use a trusted CA.

      A self-signed cert can prevent man-in-the-middle attacks if you have a copy of the cert downloaded.

      Most CAs these days only verify that an e-mail they send to the domain in question is received by the applicant, the same as this lot. I got one from Equifax on this basis, and they're trusted by default in both IE and Mozilla.
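
Pinning a saved copy of a self-signed certificate, as described in the comment above, sketched as an added example (not part of the original thread). The sample certificate bytes are constructed stand-ins, and the function names are this example's own.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER certificates (not real X.509).
# Pinning compares raw bytes, so only the byte content matters here.
SAVED_CERT = b"constructed-self-signed-cert-saved-out-of-band"
MITM_CERT = b"constructed-cert-presented-by-an-interceptor"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def normalize_pin(pin: str) -> str:
    """Accept 'AB:CD:...' or 'abcd...' and return bare lowercase hex."""
    return pin.replace(":", "").replace(" ", "").lower()


def matches_pin(der: bytes, pin: str) -> bool:
    """True only if the presented certificate is byte-for-byte the saved one."""
    return hmac.compare_digest(fingerprint(der), normalize_pin(pin))


def pin_from_pem(pem: str) -> str:
    """Compute the pin from the PEM copy that was downloaded beforehand."""
    return fingerprint(ssl.PEM_cert_to_DER_cert(pem))


def fetch_and_check(host: str, port: int, pin: str, timeout: float = 5.0) -> bool:
    """Connect, read the certificate the peer presents, compare it to the pin.

    Chain validation is switched off on purpose: a self-signed certificate
    has no CA to chain to, so the pin comparison is the only authentication.
    The caller must send nothing over the connection if this returns False.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            return der is not None and matches_pin(der, pin)


def demo() -> tuple:
    """Offline check: the saved cert matches its pin, a substituted one does not."""
    pin = pin_from_pem(ssl.DER_cert_to_PEM_cert(SAVED_CERT))
    return matches_pin(SAVED_CERT, pin), matches_pin(MITM_CERT, pin)


if __name__ == "__main__":
    print(demo())
```

The pin protects only as far as the saved copy was obtained over a channel the interceptor did not control, and it has to be replaced whenever the server's certificate is reissued.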

  7. Re:Good for them by A. Pizmo Clam · · Score: 3, Insightful

    If you, as a small corporation, non-profit or individual, go up in court against a large corporation or an ambulance-chasing shark, your chances of losing are better than not. Loser-pays systems therefore discourage lawsuits by the little guy against the big guy, and make the little guy more likely to throw up his hands and settle when sued by the big guy.

    Although they certainly do make for litigation-happiness, overall the non-loser-pays system is healthier for democratic participation in the legal system.

    --

    Thank you for your support.
  8. Re:Good for them by mrchaotica · · Score: 2, Insightful

    The problem with non-loser-pays is that small organizations/individuals can't afford to fight at all, even with a rock-solid case, because they'll run out of money before it's over.

    --

    "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  9. Re:About time... by torinth · · Score: 4, Insightful

    No infrastructure? No talking to servers? Que?

    Without CAs and revocation information, SSL-style (RSA) public key infrastructures are useless. That means every client needs access to recently updated and TRUSTED revocation lists to make sure that no certs have been forged or stolen. Every meaningful SSL client should periodically verify that any server certificates it uses are and remain valid. Using the CA's public key is absolutely NOT sufficient.

  10. Re:Where's the government for a change? by Anonymous Coward · · Score: 1, Insightful

    But the question is .. which government?

    The net spans more than one country. Or each government could provide certs for its own citizens; but then there will be trusted and untrusted governments.

    Possibly this is a role for the UN ( who have been searching for a role for some time now ;] )

  11. Re:Good for them by Anonymous Coward · · Score: 1, Insightful

    WTF?

    The same could be said the other way.

    The fact that a big guy can sue you and you know it's going to cost you tens of thousands of dollars for minor inconveniences means that you will also pay, thus it's more likely that you will settle up for the fraction of the cost regardless of whether you were right or wrong.

    Look at the folks settling up for the RIAA cases...granted most of these people were in the wrong and knew they were -- but some of the ones falsely accused also realized it would be cheaper just to pay up than deal with it.

    Either way you are screwed. Overall, one way discourages one from suing the big guys, while the other discourages going to court when being sued by the other. It's a null sum and as such, it would be healthier to make the loser pay up -- but this of course would require folks to have true conviction in their beliefs instead of the morons that sue for anything...it would also mean big business wouldn't be throwing out C&Ds and otherwise knowing that no one wants to deal with them and as such removing law firms acting as private law enforcement agencies.

  12. Re:About time... by asdfghjklqwertyuiop · · Score: 4, Insightful

    The servage is cheap since it doesn't even involve talking to their servers, just checking acceptance via a signing key... ANYONE can do that..! NO infrastructure!


    I think you're forgetting the part about actually verifying the authenticity of what they're signing.

    IE, If I send them a certificate signing request with my public key and a name of George W Bush on the CSR, are they just gonna go ahead and sign it and give me a certificate stating that I'm George W Bush?

    Certificate authorities usually require you to provide them with proof of your identity, like faxing you a driver's license, birth certificate, business license, trying to contact you at the stated address and phone number, etc... if they didn't do this, they wouldn't be very useful CAs... the certificates they issue would be meaningless.

    Of course, this is not to say that the expensive commercial CAs are trustworthy simply because they charge money... not at all. But to be a useful CA you need to have the manpower to verify the stuff people ask you to sign. I wonder how this free CA will accomplish that.
  13. Re:About time... by mindmaster064 · · Score: 5, Insightful

    Exactly how many certificates have you seen revoked? And how many of these revocation lists are going around? I agree that the implementation of the certs is screwy, since basically it means nothing at this point other than the fact that you are communicating over SSL. Basically from a browser standpoint the implementation of certificates is completely worthless since the authentication checking is just not there. The X.509 certs were originally designed to completely authenticate that you are talking to the host/person you intended to. Since browsers currently do absolutely nothing but a check vs. the public CA key basically any cert the CA issued regardless of status (other than those that have expired with time) are completely valid certs. They could have been forged, stolen, or otherwise abused but we trust them anyway... Really a sad state of things.... X.509 revocations do exist, but since there really is no universal Public Key Infrastructure (for the non-security guru), or rather the browsers don't even TRY or HAVE A WAY to validate them in most cases they really don't mean much at all...

    -Mind

  14. Caveat: what does it cost to be "trusted?" by humankind · · Score: 3, Insightful

    My question is, since (currently) IE is the dominant browser, the value of this service is going to depend upon whether or not this new CA can be designated as "trusted" by Microsoft.

    We know this ultimately comes down to how much Microsoft would charge for this certification. Does anyone have any idea what the costs are? I imagine it would be some sort of subscription arrangement where you have to pay in perpetuity to Microsoft in order to not have your trusted status revoked. But how much? And would Microsoft let an open CA even exist in the first place?

  15. Re:About time... by DrXym · · Score: 3, Insightful
    I think you're forgetting the part about actually verifying the authenticity of what they're signing.

    The thing is, an email / personal cert from Verisign etc. comes with no guarantees that the signer is actually who they say they are. You could impersonate someone quite easily just by typing in bogus details.

    Verisign doesn't audit you or vouch for you, so the cert is essentially worthless. It's a few bits that say Verisign touched it but that's about all you get for your ten dollars or whatever it is these days. If you want Verisign to actually vouch for you, you're looking at paying hundreds or thousands for a cert.

    And after 6 months, a year or two the cert expires and you have to start the process all over again.

    A free CA is a good thing, but again it says nothing about the authenticity of the site / person who obtained it. I think that in itself would be an extremely valid reason for Microsoft to refuse to acknowledge them for anything but email. i.e. recognize the cert for email addresses, but not for SSL or signed executables.

    On the small scale, PGP is a much better model. Anyone can make a key and start passing it around. You can get other people to sign the key if you want, but it's perfectly usable for crypto from the get go. Not only usable but faster too - as anyone who's tried to encrypt something large with RSA already knows. In fact extensions such as Enigmail for Mozilla are arguably easier to use than the built-in S/MIME.

    On the signing front, I really wish Mozilla / Firefox would use PGP certs too to sign their XPI files. At present no one signs XPI files (reason: they're too expensive). If an XPI file were signed with a PGP key, you could drill down through the signers and reasonably gauge the trustworthiness of the author. Hell, PGP doesn't even preclude CAs from doing business since they can sign keys just as well as the next person and charge for it.

  16. Re:Where's the government for a change? by njdj · · Score: 2, Insightful
    I think this is one place where the government could actually do some good.(...) officially accepted picture IDs to individuals

    There are two problems with this. As another message pointed out, not all governments are equally trustworthy. Would you trust an ID issued by Nigeria? Or would you wonder how easy it is to bribe a Nigerian official to issue one in any name you wanted?

    Now look at it from the viewpoint of a Nigerian citizen. How can he/she get acceptable ID? Clearly, not from the government.

    The second problem is that some people are stateless, i.e. no government acknowledges them as its citizens. There are many countries which do not grant automatic citizenship to persons born there (Germany is one). And there are a few governments which give themselves the right to cancel the citizenship of one of their own citizens.

  17. We want to believe in CACert... but ... by njdj · · Score: 4, Insightful
    When I saw this news, my reaction was that it's great and I want to support it. Verisign et al have been too greedy for too long.

    But we have to be careful that we don't let our "wish to believe" blind us to the need for some caution here. Take a look at CACert's site. You'll find carelessness, spelling mistakes, pieces that have not been thought out. Running a CA properly requires meticulous attention to detail, and their site shows the opposite. On the very first page when you sign up, it asks for your name, date of birth, and "country". Is that country of citizenship, or country of residence?

    Then there's the reliance on "government ID". If somebody presents Nigerian ID, or Dominican Republic ID, what exactly is that worth? It's not worth anything, you can bribe officials in those countries (and many others) to issue whatever official document you want. Does that mean that citizens of Nigeria can never be trusted? That's well over 100 million people in just that one country, most of whom are honest and trustworthy. It's ridiculous to exclude so many people from receiving certificates just because their bureaucrats are corrupt, and it's completely contrary to the transnational spirit of the Internet.

    In conclusion, the idea behind CACert is a good one, but the people running it don't seem to be doing a good job. I hope that somebody else takes up the idea and does it better. There is no reason why there should not be more than one volunteer-based CA.

    1. Re:We want to believe in CACert... but ... by Vellmont · · Score: 2, Insightful


      Take a look at CACert's site. You'll find carelessness, spelling mistakes, pieces that have not been thought out.

      Yah, it's not a very professional looking site. That's just how it works when you have a limited budget. I think your expectations and standards are a bit too high for an organization that just started. If they still have the same problems in 6 months, I'd be a little worried.

      It's ridiculous to exclude so many people from receiving certificates just because their bureaucrats are corrupt, and it's completely contrary to the transnational spirit of the Internet.

      Whoa.. hold on there, chief. Who ever said there would be one policy for identity verification for EVERYONE? If you live in a kleptocracy, gov. issued ID could be considered a joke and there would be other means to verify yourself. I'm sure (or at least I hope) that Verisign and Thawte have tackled this problem, there's no reason that CAcert can't do the same thing.

      --
      AccountKiller
    2. Re:We want to believe in CACert... but ... by wabewalker · · Score: 2, Insightful

      I poked around on their site looking for a CP/CPS (Certificate Policy and Certification Practices Statement) but didn't find one.

      So why should I trust them? How is the root key protected? How is it backed up? How is the CA audited? Who audits it? What are auditor's qualifications? Which information is logged? How long are the logs kept? Under which legal framework do they run the CA, under Australian?

      To evaluate the trust I need something structured according to RFC2527 (or RFC3647). (There is so much information they have to provide that it has to be structured or relying parties cannot find the bits they need).

      People often forget that there is a lot more to running a CA than issuing certificates. Anyone can run a simple CA with OpenSSL, but such a CA is nothing without a trustworthy CP/CPS. And an audit trail that ensures they stick to their CPS.

      --
      --- Premature complacency is the evil of all roots
  18. There are two kinds of certs... by Kjella · · Score: 3, Insightful

    ...those that produce a warning in browsers, and those that don't. Most everything else, is all the same to 99,99% of the people.

    Kjella

    --
    Live today, because you never know what tomorrow brings
  19. Re:Verisign/Thawte = mafia by schnarff · · Score: 2, Insightful

    Might want to update that potentially useful link to take the typo out of the URL: InstantSSL.

  20. Re:About time... by shokk · · Score: 2, Insightful

    Some time this past year, Sun revoked their cert they use for the PatchPro automated patch system. I use the system so infrequently (as opposed to the monthly use of Microsoft's SUS) that when it was revoked I had to look up how to get the new cert onto all the Sun systems (update the SUNWcert package).

    --
    "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  21. Re:Where's the government for a change? by cubic6 · · Score: 3, Insightful

    The whole point of X.509 certificates is that your name is attached. It's meant for verification of identity, not anonymous transactions. If you took away the name component, there would be no security because the other party has no guarantee that you are who you say you are. It'd be like having a driver's license with no name or picture, just a little notice saying that "someone" is licensed to drive. If you need some secure way of making anonymous transactions, I'd imagine a one-way auth system like SSL would work better.

    --
    Karma: Contrapositive