Slashdot Mirror
Mozilla Might Distrust Dutch Government Certs Over 'False Keys' (bleepingcomputer.com)
Long-time Slashdot reader Artem Tashkinov quotes BleepingComputer:
Mozilla engineers are discussing plans to remove support for a state-operated Dutch TLS/HTTPS provider after the Dutch government has voted a new law that grants local authorities the power to intercept Internet communications using "false keys". If the plan is approved, Firefox will not trust certificates issued by the Staat der Nederlanden (State of the Netherlands) Certificate Authority (CA)...
This new law gives Dutch authorities the powers to intercept and analyze Internet traffic. While other countries have similar laws, what makes this one special is that authorities will have authorization to carry out covert technical attacks to access encrypted traffic. Such covert technical capabilities include the use of "false keys," as mentioned in Article 45 1.b, a broad term that includes TLS certificates.
"Fears arise of mass Dutch Internet surveillance," reads a subhead on the article, citing a bug report which notes, among other things, the potential for man-in-the-middle attacks and the fact that the Netherlands hosts a major internet transit point.
This new law gives Dutch authorities the powers to intercept and analyze Internet traffic. While other countries have similar laws, what makes this one special is that authorities will have authorization to carry out covert technical attacks to access encrypted traffic. Such covert technical capabilities include the use of "false keys," as mentioned in Article 45 1.b, a broad term that includes TLS certificates.
"Fears arise of mass Dutch Internet surveillance," reads a subhead on the article, citing a bug report which notes, among other things, the potential for man-in-the-middle attacks and the fact that the Netherlands hosts a major internet transit point.
This is a tough question, because arguably corporate-held keys aren't trustworthy either, but if we are to trust government keys, we need to know what the terms of governance are, and in general we don't. In the U.S., for example, government eavesdropping rules are secret. So trusting a PKI cert issued by the U.S. government is crazy. Of course, governments can also often compel private industry, and as we've seen, private industry can also engage in corrupt practices or careless practices. Honestly, PKI is pretty rickety.
This is what happens when you try to pull a stunt like this.
Certificates are based on a system of trust. I trust a certificate because the issuer promises that it belongs to the party it was issued to. If that party now not only has the ability but also the obvious intent to intercept and snoop on traffic, the certificate is intrinsically untrustworthy. Because it can easily be used for such nefarious applications.
The Netherlands just made all their certificates along with every certificate issuing company under their jurisdiction untrustworthy.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Btw, Netherlands will hold a referendum on this new surveillance law, so Mozilla's action is warranted https://www.reuters.com/articl...
We have been existing for a long time without https, but now we want a certificate for everything, even places where is trust isnâ(TM)t needed. One of the issues I see is that there is a difference between trust and encryption, but the average user may not make the distinction.
Also, to the average user it isnâ(TM)t clear who the third party they are trusting is and whether they are any more trustworthy. This leads to the risk of blind trust and the consequences that go with it. A bit like afreeing to a EULA, without reading it.
Jumpstart the tartan drive.
So far this law is a proposal and it needs to be passed by parliament.
After some seven months of negotiations we've (the Dutch) just received a new coalition government based on four parties.
For some inexplicable reason they all believe this is a good plan though it looks like majority of the population is not convinced.
An advisory referendum will be held but one of the larger parties already announced they would ignore the outcome.
This government has a parliamentary majority of one and I would be surprised if they can pass this law without serious amendments.
Now I'm absolutely sure other nations do similar, except they did not pass these tricks by their parliament or in a publicised law.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
It's good to see more governments acting to grant themselves the ability to overtly subvert PKI on a global basis while Google is busy removing the only technology standing any chance of offering end users a clue.
I'm sorry to break it to you, but your IQ was 50 before the name change too, as evidenced by the fact that you changed your name to Hognoxious Turkeydance Mightymartian.
-=This sig has nothing to do with my comment. Move along now=-
The current system with the hierarchy where a single CA is the only one deemed trustworthy enough is broken since a long time. A new solution is necessary where cross-signing with multiple CAs on a single certificate is necessary to measure how trustworthy a certain certificate is.
Done correctly this would ensure that a single CA isn't able to hold the full key for signing either. This would of course require a completely different architecture in the trust structure.
In addition to this - the keys used to get authorized by a CA could be built redundant so even if one single CA expires your key the redundancy would keep it valid - this would lower the risk caused by CAs going bad, suffer an intrusion or going out of business - or just suffer a denial of service attack.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
There are a number of proposals out there for alternatives that would supplant or replace CAs as the root of trust on the web. Storing keys in DNS via DNSSEC and DANE for one .EFF Sovereign Keys proposal. And I swear there are others but I cant find any right now.
Right now we are in a situation where any one of who knows how many CAs can produce a valid certificate for a web site without the web site even knowing it (and can do so for any number of reasons including a rogue employee, a government or government agency forcing them to do it or a hacker compromising the system and stealing the keys as happened to another Dutch CA, DigiNotar)
Why has there been no interest in supporting these alternatives that eliminate the possibility of CAs producing bogus certificates?
The US state has little in the form of public CA authorities. I think Staat der Nederlanden was the first âoegovernment owned CAâ publicly trusted in browsers.
Custom electronics and digital signage for your business: www.evcircuits.com
This is why Dutch people should vote pirate party. The pirate party has been opposing these kind of regulations since it's inception, for good reasons. If they would get only one seat in the dutch house of parliament (tweede kamer) that would mean having the chance to be heard instead of years long silence in this digital age. Why would you let technology-scared people rule the future?
This is exactly right. If a browser trusts a signing authority, that authority can sign for any domain.
You don't need to split the key to do this, so this is actually not that hard. A simple matter of standardization... :)
A new solution is necessary where cross-signing with multiple CAs on a single certificate is necessary to measure how trustworthy a certain certificate is.
That sounds awfully like PGP's web of trust. Which, come to think of it, isn't a bad idea.
Ezekiel 23:20
> One of the issues I see is that there is a difference between trust and encryption, but the average user may not make the distinction.
There actually isn't much difference, in use cases TLS is normally used for. Or more specifically, you can't usefully have one without setting up the other. To have useful encryption you must identify the other party, and to trust their identity you must have, at minimum, cryptographic signatures of the your personal challenge key with server's key and the data (at which point enciphering the data comes almost for free).
Suppose you wish to have encryption, without trusted authentication of identity. You want the connection between your browser and your bank to be encrypted (not readable by anyone else), without ever ensuring that you're talking to the bank's server. You'll end up with an encrypted connection between you and the bad guy. You think your browser is talking to the bank's server, but it's really talking to the bad guy's server. Given that the whole point is to prevent the bad guy from reading exchange, setting up an encrypted connection to the bad guy is effectively the same as no encryption at all. The bad guy can read the data.
Suppose you want identity (confirm the message was actually sent to you from the bank). You must ensure that no man-in-middle has changed the message along the way, or the message you receive is no longer the message from the bank, but instead a message from hacker. The message must therefore include at least a cryptographic signature on the bank's public key and your challenge bytes (for replay prevention). While not exactly encryption per-se, that's 90% of the way to encryption.
So encryption and trust of identity are very closely linked. Useful encryption requires trusted identity. In special cases you can theoretically use null encryption to throw away the encryption and maintain only identity, but at that point you already have everything you need for encryption and you haven't made anything easier.
Brave is going to take a big chunk out of both Chrome and Firefox once it exits desktop beta.
This is only tangentially related, but it needs to be reposted at least once a year.
BlackHat USA 2011: SSL And The Future Of Authenticity — Moxie Marlinspike
Hilarious Comodo story begins around 5 m mark.
Slide at 10:48 has only become funnier in the meantime.
So this is how electronic government services are killed -- not by a fierceness of a DDOS attack, but by conflicting values and goals in the global Internet.
You forgot the thunderous applause.
Bluecoat Systems. Google it.
If they remove the dutch CA, then they should also remove every american CA as they have the same duty to obey to create certificates if an US government agency asks them to (and in most cases aren't even able to talk about it).. So blocking the dutch CA is only a very hypocritical move if they don't do it with other CA's.
But you're still Anonymous Coward to your friends, right?
You're one desperately sad fucker.
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
Libertarians; they just can't wait to stick a quarter into a toll booth on a coca-cola sponsored sidewalk, and scrape the dung off a nice, juicy steak.
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
because: http://gs.statcounter.com/brow...
We'll make great pets
Thank god the Dutch have no living experience with a mass-murdering dictatorship that would abuse such power to maintain its power, and the last time they did was so distantly remote in the past that they can so rest assured of it never happening again that they can hand over such power for prosaic crimes and never fear a loss of freedom again!
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.