Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are Some CAs Too Big To Fail?

Posted by samzenpus on from the they-don't-fall-down dept.

Trailrunner7 writes "In the wake of this weekend's revelations of the seriousness of the attack on certificate authority DigiNotar, security experts have renewed criticism of the Internet's digital certificate infrastructure, with some wondering if larger certificate authorities (CAs) might be too big to fail. Would Mozilla and Microsoft and Google have revoked trust in root certificates from VeriSign or Thawte had they been compromised? Unlikely. 'It's not a simple matter of removing certificates from a database, because they're not in any databases,' says researcher Moxie Marlinspike, who presented an alternative approach to the current SSL infrastructure last month at DEFCON. 'We may never track them all down.'"

3 of 163 comments (clear)

  1. Too big to fail... by houstonbofh · · Score: 4, Insightful

    Too big to fail means too big to give a shit. Failure is the motivator for performance. With no cost for bad performance, there is no incentive for good. Just ask the "big" banks, or better yet, ask the customers...

  2. Marlinspike's approach by AceJohnny · · Score: 5, Interesting

    Marlinspike's approach, implemented in a Firefox extension presented at DefCon '11, is to do away with the notion of CAs altogether in SSL, replacing it with a distributed network that reports on the certificate they see. Basically, if the certificate you see agrees with the rest of the network, then you're not being spoofed.

    He had previously explained the properties a replacement to the CA system had to demonstrate in order to be viable

    --
    Misleading titles? Inflammatory blurbs? Keep in mind that Slashdot is a tabloid.
  3. Alternative improvement idea by vadim_t · · Score: 4, Interesting

    So I've seen quite a few people wanting a switch to self-signed certs (who IMO mostly don't understand what making that secure actually involves), and an idea to check certs from different network paths (which doesn't work if your only path is compromised, and how do you secure the communication to the service that does the check for you?).

    So here's an alternative idea: Require multiple CAs.

    Instead of doing it the "extended validation" way which is more money for not a whole lot more service from the same provider, it'd be much better to have multiple CA signatures on a single cert.

    Compromising multiple CAs in the same timeframe to create a cert would be considerably harder than creating one. More importantly, it'd make revoking large CAs much easier.

    Let's say that the new norm is to have a site's cert is signed by 5 different CAs, and that the minimum acceptable amount is 3 signatures.

    Then, if Verisign gets compromised there's no problem with pulling their cert: you're down to 4 valid signatures on your certificate, which is still fine. That should put considerably more pressure on CAs to perform better.

    Even Verisign wouldn't be able to trust that their security problems would be let go due to their popularity, as even the largest CAs would be completely expendable without the end users needing to care much. The site would just go with a different 5th CA to return back to the full strength.