Slashdot Mirror


Mozilla Might Distrust Dutch Government Certs Over 'False Keys' (bleepingcomputer.com)

Long-time Slashdot reader Artem Tashkinov quotes BleepingComputer: Mozilla engineers are discussing plans to remove support for a state-operated Dutch TLS/HTTPS provider after the Dutch government has voted a new law that grants local authorities the power to intercept Internet communications using "false keys". If the plan is approved, Firefox will not trust certificates issued by the Staat der Nederlanden (State of the Netherlands) Certificate Authority (CA)...

This new law gives Dutch authorities the powers to intercept and analyze Internet traffic. While other countries have similar laws, what makes this one special is that authorities will have authorization to carry out covert technical attacks to access encrypted traffic. Such covert technical capabilities include the use of "false keys," as mentioned in Article 45 1.b, a broad term that includes TLS certificates.

"Fears arise of mass Dutch Internet surveillance," reads a subhead on the article, citing a bug report which notes, among other things, the potential for man-in-the-middle attacks and the fact that the Netherlands hosts a major internet transit point.

14 of 112 comments

  1. Does it make sense to trust any govt key? by mellon · · Score: 4, Insightful

    This is a tough question, because arguably corporate-held keys aren't trustworthy either, but if we are to trust government keys, we need to know what the terms of governance are, and in general we don't. In the U.S., for example, government eavesdropping rules are secret. So trusting a PKI cert issued by the U.S. government is crazy. Of course, governments can also often compel private industry, and as we've seen, private industry can also engage in corrupt practices or careless practices. Honestly, PKI is pretty rickety.

    1. Re:Does it make sense to trust any govt key? by sjames · · Score: 3, Informative

      The problem is the whole system is set up so you either trust a key signer for any key they sign or you don't trust them at all. There isn't currently a mechanism where you can conditionally trust a key signed by a government.

    2. Re:Does it make sense to trust any govt key? by Anonymous Coward · · Score: 4, Informative

      True, the current system is and always has been broken by design. It only takes one foul apple to spoil the whole dish.

    3. Re:Does it make sense to trust any govt key? by omnichad · · Score: 2

      Right, but the US government doesn't issue certificates for anyone else. In the Dutch case, however, I do support removing trust.

    4. Re:Does it make sense to trust any govt key? by sjames · · Score: 2

      Worse, most of the brokenness including not being able to sign sub-certs with a cert from my primary domain and the lack of conditional trust are driven by the desire to sell more certs rather than security concerns or technical limitations.

    5. Re:Does it make sense to trust any govt key? by syzler · · Score: 3, Insightful

      However, if crypto toolkits would finally implement and actually validate certificates using "DNS-Based Authentication of Named Entities" (DANE), then all of this is moot, since the DNS operator for a site would be able to specify which specific TLS key is being used by the site with a few DNS records. A government entity wouldn't be able to man-in-the-middle a TLS connection without either cracking the TLS keys themselves or compromising the root DNS server keys.

  2. Governments, take note by Opportunist · · Score: 5, Insightful

    This is what happens when you try to pull a stunt like this.

    Certificates are based on a system of trust. I trust a certificate because the issuer promises that it belongs to the party it was issued to. If that party now not only has the ability but also the obvious intent to intercept and snoop on traffic, the certificate is intrinsically untrustworthy. Because it can easily be used for such nefarious applications.

    The Netherlands just made all their certificates along with every certificate issuing company under their jurisdiction untrustworthy.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:Governments, take note by Opportunist · · Score: 4, Interesting

      Then we're down to doing what organizations with elevated security needs already do. Issue their own certificates, transport them to their partner via a secure channel and pin the certificate, i.e. to be valid, the site has to present this certificate, exactly this certificate and only this certificate.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
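      The two mechanisms raised above, DANE TLSA records (syzler's comment) and key pinning (Opportunist's reply), both reduce to the same check: compare the key a site actually presents against a value published out of band, regardless of which CA signed the certificate. The example below is added here and is not code from the thread or from Mozilla; it implements the RFC 6698 TLSA record semantics for usage 3 (DANE-EE) and assumes the client has already extracted the DER bytes of the certificate and its SubjectPublicKeyInfo, for which it uses constructed stand-in byte strings.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class TLSARecord:
    usage: int     # 3 = DANE-EE: the end-entity cert itself is the trust anchor
    selector: int  # 0 = full certificate, 1 = SubjectPublicKeyInfo only
    mtype: int     # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes    # certificate association data (raw bytes or digest)

    @classmethod
    def parse(cls, rdata: str) -> "TLSARecord":
        """Parse the zone-file RDATA form '3 1 1 <hex>'."""
        usage, selector, mtype, hexdata = rdata.split()
        return cls(int(usage), int(selector), int(mtype), bytes.fromhex(hexdata))

    def present(self) -> str:
        return f"{self.usage} {self.selector} {self.mtype} {self.data.hex()}"

def _association(cert_der: bytes, spki_der: bytes, selector: int, mtype: int) -> bytes:
    """Apply the record's selector and matching type to the presented cert."""
    data = cert_der if selector == 0 else spki_der
    if mtype == 0:
        return data
    if mtype == 1:
        return hashlib.sha256(data).digest()
    if mtype == 2:
        return hashlib.sha512(data).digest()
    raise ValueError(f"unsupported matching type {mtype}")

def make_tlsa(spki_der: bytes) -> TLSARecord:
    """The record an operator publishes: DANE-EE, SPKI, SHA-256 ('3 1 1').
    The digest is the same SPKI hash a client-side pin would store."""
    return TLSARecord(3, 1, 1, hashlib.sha256(spki_der).digest())

def dane_ee_accepts(records, cert_der: bytes, spki_der: bytes) -> bool:
    """True if any usage-3 record matches the presented certificate. Which CA
    signed it is irrelevant: a cert for the right name but the wrong key fails."""
    for rec in records:
        if rec.usage != 3:
            continue  # usages 0-2 also require PKIX chain validation; omitted here
        if _association(cert_der, spki_der, rec.selector, rec.mtype) == rec.data:
            return True
    return False

# Constructed stand-ins for DER bytes; these are not real certificates or keys.
SITE_SPKI = b"\x30\x2a\x30\x05\x06\x03\x2b\x65\x70\x03\x21\x00" + b"\x11" * 32
SITE_CERT = b"\x30\x82\x01\x00" + SITE_SPKI + b"\xaa" * 40
FORGED_SPKI = b"\x30\x2a\x30\x05\x06\x03\x2b\x65\x70\x03\x21\x00" + b"\x22" * 32
FORGED_CERT = b"\x30\x82\x01\x00" + FORGED_SPKI + b"\xbb" * 40
```

A single "3 1 1" record checked this way behaves exactly like a pinned SPKI hash; the difference is only where the expected value comes from (signed DNS versus a pin shipped over a secure channel).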
    2. Re:Governments, take note by cstacy · · Score: 3, Insightful

      This is what happens when you try to pull a stunt like this.

      Certificates are based on a system of trust. I trust a certificate because the issuer promises that it belongs to the party it was issued to. If that party now not only has the ability but also the obvious intent to intercept and snoop on traffic, the certificate is intrinsically untrustworthy. Because it can easily be used for such nefarious applications.

      The Netherlands just made all their certificates along with every certificate issuing company under their jurisdiction untrustworthy.

      What makes anyone think that certain various intelligence agencies (such as those in the USA and Europe in general) do not already have the means to sign "false certificates"? Through government intimidation, secret procedures, etc. In what way are the corporate-based CAs not secretly influenced by the government(s)?

    3. Re:Governments, take note by Opportunist · · Score: 4, Insightful

      Too high a risk to take.

      Blanket use of forged certificates would make it nearly impossible that such behaviour isn't eventually noticed, which would instantly lead to the whole certificate chain system coming down.

      If anything, such a tool would be used very carefully for high profile targets.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  3. Referendum by Anonymous Coward · · Score: 2, Informative

    Btw, Netherlands will hold a referendum on this new surveillance law, so Mozilla's action is warranted https://www.reuters.com/articl...

    1. Re:Referendum by bokkepoot · · Score: 3, Informative

      Btw, Netherlands will hold a referendum on this new surveillance law

      The referendum to be held is only valid if 30% of the eligible voters actually vote, and even if it is valid, it is (only) an advisory referendum.

      Also, 2 of the major parties have already spoken out as to ignore the results of the referendum, whatever they may be, and continue with this surveillance law.

  4. Firefox removes a CA while Google removes PKP by WaffleMonster · · Score: 2

    It's good to see more governments acting to grant themselves the ability to overtly subvert PKI on a global basis while Google is busy removing the only technology standing any chance of offering end users a clue.

  5. What happened to the alternatives? by jonwil · · Score: 2

    There are a number of proposals out there for alternatives that would supplant or replace CAs as the root of trust on the web. Storing keys in DNS via DNSSEC and DANE, for one. EFF's Sovereign Keys proposal. And I swear there are others, but I can't find any right now.

    Right now we are in a situation where any one of who knows how many CAs can produce a valid certificate for a web site without the web site even knowing it (and can do so for any number of reasons, including a rogue employee, a government or government agency forcing them to do it, or a hacker compromising the system and stealing the keys, as happened to another Dutch CA, DigiNotar).

    Why has there been no interest in supporting these alternatives that eliminate the possibility of CAs producing bogus certificates?