Another CA Issues False Certificates To Iran

arglebargle_xiv writes "Following on from Comodogate, we have another public CA issuing genuine false certificates to Iran, this time for Google. There's speculation that it's a MITM by the Iranian government, but given the existing record of CAs ready to sell certs to anyone whose check clears, it could just be another Comodogate." Another (anonymous) reader says, "What might be worrying is that the CA behind the forgery is the official supplier of most Dutch Government certificates, diginotar.nl. They are supposed to be very stringent in their application process. As a Dutchman, I'm very interested to see how this one plays out." Adds Trailrunner7: "The attack appears to have been targeting Gmail users specifically. Some users trying to reach the Gmail servers over HTTPS found that their traffic was being rerouted through servers that shouldn't have been part of the equation. On Monday afternoon, security researcher Moxie Marlinspike checked the signatures on the certificate for the suspicious server, which had been posted to Pastebin and elsewhere on the Web, and found that the certificate was in fact valid. The attack is especially problematic because the certificate is a wildcard cert, meaning it is valid for any of Google's domains that use SSL."

Surprising?

[Mensa+Babe]

The only thing I find surprising is that stories like this are not more common. Various government agencies all over the world have been using fake certificates literally for years. Those are usually targeted at specific individuals being under surveillance so those are one-time stunts, limited in time and in network visibility, but all of those certificates in order to be useful have to be issued by certification authorities that are in the trust chain of the popular web browsers (Firefox, Chrome, Explorer, Safari, Opera). The problem with SSL/TLS certificates is that any certification authority from any country can issue a certificate for any domain, and they do occasionally. Most of those certificates are used only few times so they don't get any attention but sometimes they do. The trust model in SSL/TLS is fundamentally flawed and I agree with Dan Kaminsky and Bruce Schneier that we have to completely abandon it in favour of a trust model based on a secure DNS system, where there is only one authoritative source of cryptographic certificate for any given domain, instead of thousands like we have today. I have been telling this for years and I can only hope that people will eventually wake up and listen after stories like this one.