Slashdot Mirror
Free Certificate Authority Unveiled by Aussies
SonOfGates writes "Well, the Aussies have invaded Boston but at least they're not throwing tea into the harbor. AU-based nonprofit CAcert Inc has spent the last few days at USENIX '04 registering new users by the truckload. They bill themselves as a 'Community-Based CA.' Could this be the begining of a true 'open' certificate authority? See the O'Reilly story and press release."
The mythical "web of trust" we were supposed to have in Verisign/Thawte/etc... is finally comming true in a NON-PROFIT entity.
Too bad this cert isn't defaultly trusted by IE/FireFox.
Interesting side note: when I recieved the registration email from them, Outlook 2003 (yeah, I know...) marked it as "junk mail".
-Wes
While I normally think the government should keep its nose out of most places, I think this is one place where the goverment could actually do some good. Just like many states and goverments proved offically accepted picture IDs to individuals, I think they could easily set up a service to provide offical digital IDs to all the citizens. Companies like Verisign may still have a role in providing corporate certs, etc, but I think the goverment is the best way to provide a universally recoginized digital ID to everyone.
The whole notion that a Cert authority is needed is essentially bogus in my opinion. We've been rolling our own certs for years for all but the main e-commerce web servers. Who wants to pay the outrageous extortion fees Verisign/Thawte charge and jump through the goofy hoops? I bite my lip and do this every two years for the main web server just so my clients don't totally (unnecessarily) freak out at the prospect of a dialogue box popping up in SSL mode warning them that Microsoft's "paranoia-protection-money" wasn't paid-off.
The Cert authorities are a joke. We registered one CA with Verisign with virtually no documentation, and another time, when renewing an existing, different cert, they demanded everything short of a blood test for "authentication." It's nothing short of criminal considering they charge $200+ for something that takes 10ms to generate that they make people wait weeks for, and in no way guarantees superior security, and they'll make certs for anyone with money so the identity checking is BS and moot.
I'm all for a free certifying agency, but you can also roll-your-own with OpenSSL.
Somehow I don't feel all that secure when the site went down in 3 minutes...
"I say we take off, nuke the site from orbit. It's the only way to be sure."
I think the key to disrupting IE is by creating things it doesn't or won't support. It can't be done quickly, I don't think, but slowly, as the browsers merge in their usefull and techs that disdain MS help ignorant users to install and use them, MS can be made an equal player. Instead of a dominate force that will eventually control the US Media by holding the power of the infrastructure.
We are one consciousness experiencing itself subjectively. Back to you with the weather, Bob!
Does anyone else find it somewhat offputting that they include links to both validate their XHTML and validate their CSS on the bottom of their homepage, yet both return a number of errors stating that their page is neither valid XHTML nor uses valid CSS?
Even more oddly, for a brief instant when I went to their homepage, I got a default Apache index listing, rather than their homepage. It included links to things such as their PHP MyAdmin directory, a number of PHP files, and three zipfiles named Bruce-someversionnumbers.zip.
``Even if you won in court, you would lose financially if not insured.''
Unless you win the case, and the losing party pays for your court fees. This is common in countries employing civil law, as opposed to (mostly) former members of the Commonwealth that employ common law.
Australia might not have been the best place to found this organization.
Please correct me if I got my facts wrong.
So, you install the master cert from their website and visit an anonymous website, when the anonymous website pops up a cert. Will it display on my screen to install or will it be automatically installed because I have installed and trusted the master/root cert.
Not just anyone can get a CA cert. You have to be a business, I know verisign wants a copy of your business license, ect before they even issue you a cert.
It's not a big deal. It doesn't mean anything. It doesn't offer more security ultimately.
The majority of e-commerce sites on the Internet are NOT operating under their own certs. Many sites that offer hosted shopping carts use a central SSL server operating under an umbrella cert. Nobody really seems to have noticed, so what Verisign/Thawte are selling is not something consumers really seem to care about.
So you can get a free cert. I can generate my own damned certs already. However, if I have a cert that I've paid for, then usually people will trust that, because the cert authority has taken steps to verify that I am who I say I am.
It's that last thing that makes certs valuable, not the cert itself. A free cert is free because not many people are going to trust it, and with good cause.
I'm curious (not trolling, despite my sig), could you name something that Microsoft has that's open, that they weren't forced to use in order to compete (e.g. "shared source")? I'm trying, but I can't think of any myself.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
When you need to verify the absolute identity of someone you're dealing with, these companies, with their background checks (which aren't strong by any stretch of the imagination), certs by Verisign/etc may make sense.
However, the most common usage of SSL cert's is simply to enable encryption between two points. For this, there's nothing wrong with even a home-brew cert - validation of the cert via it matching the domain should be sufficient. A SSL cert generated by a 3rd party adds absolutely nothing to security, and it shouldn't do anything to reassure the customer/client that they're dealing with a legitimate operation.
Encryption between a website and their visitor shouldn't cost anything, and having companies issuing these certificates will (er, has) lent itself to corruption.
If we're going to have 3rd party CA's, it should be done by the government. These companies (i.e. Verisign) shouldn't have the right to monopolize this technology, which has become an absolute necessity for online commerce.
Useless: the root certificate is not currently in IE
I think the government should sponsor a CA. Sure, their databases are screwy every so often and are the very model of bureaucracy. They are also one of the most "trusted" authorities to most of the neophite users a warning would scare. Besides, they couple probably keep up with Verisign's often weeks long turn around on certificates pretty well. There's some economy and small business stimulation! Unfortunately, maybe some fraud too, but it may also lead to hucksters getting stiffer punishments and/or penalties.
US Democracy:The best person for the job (among These pre-selected choices...)
Very good point. It's a shame the same doesn't apply in criminal court. The accused (almost always a little guy) can be charged with virtually anything by the prosecution (ie, high potential cost), being coerced into accepting a plea-bargain for probation 90% of the time regardless of guilt (at least here in the US). So when it really counts litigation-happiness isn't an option. Go figure.
However, the most common usage of SSL cert's is simply to enable encryption between two points. For this, there's nothing wrong with even a home-brew cert - validation of the cert via it matching the domain should be sufficient. A SSL cert generated by a 3rd party adds absolutely nothing to security, and it shouldn't do anything to reassure the customer/client that they're dealing with a legitimate operation.
It prevents man-in-the-middle attacks. That's the most important reason for me to use a trusted CA.
I see it rather the other way around.
In a system where everyone pays their own legal fees, smaller parties are more likely to avoid lawsuits against bigger parties, because chances are the bigger party will continue the suit until the smaller one goes bankrupt.
I observe this in the Real World, too. Many important court cases in the USA seem to get settled, even though in Europe, the smaller party would probably have continued and won. This fits my expectations. That said, I have not done any solid research. If you can up with some data that proves me wrong, please do. The fewer unfounded prejudices, the better.
Please correct me if I got my facts wrong.
In a system where everyone pays their own legal fees, smaller parties are more likely to avoid lawsuits against bigger parties, because chances are the bigger party will continue the suit until the smaller one goes bankrupt.
You're assuming an open-and-shut case. For open-and-shut cases, this is probably true. But most cases are not open-and-shut. Loser-pays tends to discourage lawsuits whose favorable outcomes are not assured - i.e. most of them. Which I'll grant you includes most frivolous lawsuits, but some legitimate ones as well.
Case in point: guitar manufacturer Ernie Ball. When you get hit with a software EULA violation, you have to pay the SPA's legal fees if you fight it and lose. As Sterling Ball says in the linked interview, no one wants to fight it - everyone settles.
In terms of statistics, just compare the total number of lawsuits in the US and Europe. We have more suits of every kind, including more David vs. Goliath ones. Whether that's worth the price of ubiquitous litigation is open to question, but it is the case.
Thank you for your support.
Look at the folks settling up for the RIAA cases...granted most of these people were in the wrong and knew they were -- but some of the ones falsely accused also realized it would be cheaper just to pay up than deal with it.
Yeah, but knowing you're innocent and knowing you're gonna win are two different things.
Either way you are screwed.
Indeed. The law is a bear.
Thank you for your support.
Just a question, how much this is different than www.wildid.com
They require paper proof which doesn't mean that the digital property hasn't been misappropriated from its true owner. As it stands now if someone stole your server key and you wanted to use it on their own box they can, and you cannot revoke it and have your CA reissue your cert the way it should work. Sure, the user of that site gets a browser message but big whoop... people are used to pop ups and just click shit away that they don't care to see.
This physical paper trail does nothing to increase the security of the browser, it only works to increase the security of the information the CA has. Someone can forge documents and open up a site in your name and since you cannot "revoke" a cert there is no way for you to shut them down once the process is completed. All it takes it a little bit of letterhead, a borrowed ID, and some other (possibly faked) documentation. The last time I got a cert I lied about 90% of the information.. I think the only thing that was true was the phone number. Let's fact it... The CA has no authority to shut down your key once it is issued (since there is no revocation mechanism) and once you get past the screen it is game over. That basically means these certificates are worthless for identifying people since a particular cert doesn't identify a particular host or person since they are never EVER revoked... These companies are primarily concerned with making money rememeber.... Too much scrutiny is an empty wallet... It is not in their interest to turn you away... (you are a guarranteed $200 every 1-2 years, after all)
If there was a good PKI that all the web browsers in the world could plug into this wouldn't be a problem at all. But these browser guys are competing and patenting, and I doubt it will ever happen.
- Mind
I don't see the big difference between a self-signed cert and a CAcert. It's going to be virtually impossible for web sites to get their users to install their root certificate. Users are stupid. Generally, I don't expect they can click a link, much less add a cert.
I've been looking into using SSL on http://freeinternetpress.com . We're not a registerd company, nor do we turn a profit, so it would be an extra cost and hassle to get a real certificate. For us, the only reason to do it is to make some of our users happy by letting them browse by https.
A self-signed cert isn't any sort of magic, the instructions are in the OpenSSL documentation. I made it a step easier for people we worth with, I have a web page that they submit their information to, and it generates everything including the self-signed cert. There's no real magic to it, anyone (err, anyone with a clue) should be able to write the same thing in about 10 minutes. I spent an extra 10 minutes making it pretty.
People I deal with never use the self-signed cert. They just take the CSR and get the cert signed by a regular signing authority. What's the big difference if I sign it, or if I call myself "Joe's cert company" and start automatically signing certs? It's not much different than what CAcert is doing, other than the fact that they have a donation button on their page. At least with the people I make CSR's and self-signed certs for, I know who they are, and that I'm not accidently signing a fake microsoft.com cert.
Serious? Seriousness is well above my pay grade.
I have to agree, the website was designed badly. However, I'm sure that with increased interest and support, the website can and will be improved.
I have been a CAcert user since last November and an Assurer since March. I know the Marketing/PR director for CAcert has just had published an article about CAcert (once in an Aussie-Linux-type journal and, more recently, in ;Login: , the official magazine of USENIX, I believe). The article addresses several issues concerning the actual security, benefit, etc. of having a free certification authority. While I'm not sure when/where/if his article will be available in the states, I do know that the article has but to rest many fears about CAcert and (from what he tells me) has even converted some people over to the CAcert philosophy... Privacy is a Right!
X.509 binds names to keys; it's the name that matters in an X.509 system. But because there aren't enough bits in the human-language name to uniquely identify every entity of interest in the network, X.509 is based on X.500 naming, which mates the human-language name (common name, or CN) with that name's position in the global directory. Together they form the distinguished name, or DN.
X.500 naming, however, presumes a single, global namespace. The X.500 directory was intended to be a single directory for the entire planet providing unique, inescapable names for everyone.
Yeah, right. Like that's going to happen.
As a result, X.509 is carved into literally hundreds of local namespaces. But since we're stuck with the *name* as the principal, we have to use that X.509 name *globally*. There are multiple ugly kludges to get around the name problems as a result.
This makes X.509 complex, fragile, and difficult to deploy correctly.
But everyone (potentially) has a globally unique identifier-- the public part of an RSA key. Randomly generated, 2^42 512-bit RSA keys have a probability of colliding on the order of 2^(-429); even the SHA-1 hashes have a collision chance of 2^(-77). Keep in mind that we use 1024-bits as the default nowadays.
So if you use the public key as a name, it solves a whole raft of problems.
This is what SPKI/SDSI does. SPKI is key-centric; names are a local convenience; keys are bound to names instead of the other way around, and all names are local to that key. Every participant has a key pair. The public part is the identifier for the keyholder, and the keyholder authenticates himself simply by proving that he has the private part.
Keep in mind that the whole issue of binding keys to actual people can't be addressed by a PKI, it has to be addressed by strong key storage and access controls and is the same across for X.509 and PGP/GPG as it is for SPKI.
This is similar to the web of trust, but I don't need introducers (well-connected keys) to make it work right.
SPKI goes on to recognize that since authentication is simple, what we really need from SPKI is authorization. The whole of SPKI is intended to define a flexible method of allowing authorization *and authorization delegation* in a simple, distributed fashion. SPKI defines an authorization *language* so that authorizations can be chained *without the SPKI library knowing what the tokens actually mean*. This means that a single library can handle the permission sets of all applications. In addition, the language rules prevent all entities in the chain of delegations from being able to exceed the permissions he was granted.
Achieving the same under X.509 (using attribute certificates, for example) is next to impossible. ACs don't delegate (well, the standard itself says technically you can but you *shouldn't*); aren't truly distributed (i.e., the AC acts as a single choke point in granting permissions, which SPKI avoids), and doesn't model the way trust naturally flows in an organization of people (whereas SPKI allows you to source and pass around trusts in more natural ways).
Very cool stuff. SPKI shows up in all kinds of places. Carl Ellison's homepage provides the best jumping-off point if you want to learn more:
http://world.std.com/~cme/html/spki.html
-- Cerebus
If you, as a small corporation, non-profit or individual, go up in court against a large corporation or an ambulance-chasing shark, your chances or losing are better than not.
That's not the way it works in the UK. As a director of a small company that has taken a few larger businesses to court, I can tell you that most of the time, the smaller business wins. That's because most of the time, the smaller business is _right_, and that's what the court is interested in.
I'm convinced that the UK civil court system (which is not entirely a loser-pays system, but similar -- it's a "loser pays winner's reasonable costs if loser's case was unlikely to win from the beginning" system) works, and would suggest to anyone not to knock it unless they've tried it.
How is this different from the Web of Trust free cert service that Thawte provides? Same notarization scheme.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
I'e often wondered why mozilla.org doesn't start their own CA. Sell certs for a reasonable price like $50, and people would probably happily pay that price to know that they are also support browser development. Plus, mozilla.org can be sure that their CA will be included in at least one browser... :-)