Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Has Gmail's SSL Certificate Changed, How Would We Know?

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes "Recent reports from around the net suggest that SSL certificate chain for gmail has either changed this week, or has been widely compromised. Even less-than-obvious places to look for information, such as Google's Online Security Blog, are silent. The problem isn't specific to gmail, of course, which leads me to ask: What is the canonically-accepted out-of-band means by which a new SSL certificate's fingerprint may be communicated and/or verified by end users?"

4 of 233 comments (clear)

  1. What happened to certificate stapling? by diamondmagic · · Score: 4, Interesting

    A few months ago, Google removed the ability in Chrome to staple a TLS/SSL certificate to your DNSSEC-signed DNS records: https://www.imperialviolet.org/2011/06/16/dnssecchrome.html

    It was finally a way to get an HTTPS secured website without needing to go to a CA. And they removed it.

    I just thought they were being incompetent as they usually were, but now I can't help but wonder if the NSA got on their backs about not being able to sign their own replacement certificate...

    --
    Wonder what the public key field is for?
  2. Revocation --- or Redundancy? by ron_ivi · · Score: 5, Interesting
    I wonder why HTTPS stuff can't require *two* certificates that validate. That way unless both CAs are compromised, the traffic's safe.

    It's just like any other single-point-of-failure in your network. You probably work with two telcom companies to make sure your website and/or company has network access. Why shouldn't you do the same for certificates. Buy one from a US CA, one from a Russian one, and one from a Chinese one, and if browsers could check to make sure *all* (or two out of the three, whatever) validate, unless they collude you should be pretty safe.

    Even better if one of those can be a self-signed one. You can even exchange those keys over normal boring https, and then unless your commercial CA was already hacked at the time you distribute your self-signed one, your self-signed one will protect against your commercial CA being hacked in the future.

    1. Re:Revocation --- or Redundancy? by Prehensile+Interacti · · Score: 4, Interesting

      These are similar thoughts to my own. It needs to be about a web of trust, and it might just work.

      If more parties are able to come along and say "I trust all these authorities" when it comes to doing business with me, this is the paradigm shift. I don't believe that there is *an* independent authority, I believe we should elect to allow *multiple* authorities to rate the trustworthiness of a certificate.

      At the moment, outside of high-end corporate who roll their own, it is the operating system provider making that trust decision for all of us in their selection of root authorities. Now Microsoft, Google and Apple are all on the PRISM slides, and Linux is probably compromised in its own way - not one of them do I want to be the sole gatekeeper of my trust.

      So, I believe that the 1st group that should be brought into this system are the banks. This is the group that has the most to lose financially, if you're the victim of fraud. Specifically *your* SSL, should be vouched for by *your* bank - with the condition that the online fraud protection on your bank account is only effective, if you were entering your card details in an SSL session they vouched for.

      Now I see a future where we all allow multiple people to vouch for the goodness of certificates and authorities (I think this extends to public keys too) - particularly our social network. Anyone we trust to vouch may approve or *disapprove* any cert. Any time we do anything requiring crypto trust, we should be able to see how all the people we trust feel about it. I have a number of friends I'd really trust to always do a secure key-exchange; I'd boost their scores. Beyond that, the wisdom of crowds is a not a bad fallback.

      We have to understand that trust is on an analogue scale. For many things it's fine that we don't have close to 5x 9s of trust. But when we do need to be really certain of who's on the other end, we should be able to push into our social network and see who will vouch for the other parties public key / certificate.

  3. Twitter, too by Lincolnshire+Poacher · · Score: 4, Interesting

    Another one that Certificate Patrol has flagged inthe past week is *.twimg.com, which appears to be a mess of certs from different CAs.

    One subdomain ( s0 ) has switched from a DigiCert EV wildcard cert to a Verisign per-subdomain cert.

    Another has gone from Verisign to Comodo.

    Annoyingly twimg.com seems to be embedded across the Web...

    I've been rejecting them all, given that Twitter provide no information on their site as to whether this was a planned change.