1

In the unlikely event that a root CA is breached (eg. Comodo, DigiNotar), how should people and companies respond?

(Assume the people responding practice infosec & are aware of the problems of such a compromise)

Possible responses:

  • Assume much of the internet is insecure and temporarily stop/minimize using it
  • Continue internet usage as usual, watching out for issues using common sense
  • Remove certain certificates from the browser and continue with the internet
ChocolateOverflow
  • 3,472
  • 4
  • 17
  • 34
  • 1
    Compromises of a CA in the past where never a standalone event where every user had to decide by its own how to proceed. There were actions by the browser vendors and others to quickly protect the users. Additionally the actual impact of the compromise was discussed too. Therefore: act depending on the available information and on the personal risk. – Steffen Ullrich Jul 15 '20 at 08:56
  • So we just let the browser vendors & CAs handle everything, follow the news and proceed as normal? – ChocolateOverflow Jul 15 '20 at 09:12
  • To cite myself: *"... act depending on the available information __and on the personal risk__"*. So if the available information combined with your personal risk suggest that you are specifically impacted by the problem you might need to take additional measures. What these are depends on your specific risks. – Steffen Ullrich Jul 15 '20 at 09:45
  • As a user, you can view the cert, to check if it was signed by a CA that was breached. Following the breaches that you referenced in your question, many sites that had been using certs signed by the breached CA replaced their certs with new certs signed by a different CA. – mti2935 Jul 15 '20 at 11:40

1 Answers1

2

Certificates protect against man-in-the-middle attacks, which are already pretty hard to accomplish on the open Internet. The attacker usually needs to either control a router between user and website or the DNS server used by the user. That's not something a wannabe cybercriminal can pull off from their basement. That's something which is usually done by state actors.

For most regular users it would be good enough to just let the browser vendors assess the situation and wait for them to revoke the root certificate with the next update if they deem it necessary.

But when you are working in a particularly sensitive industry targeted by highly sophisticated attackers, then you might opt to remove the CA's root certificate from your browsers certificate store yourself (how to do that depends on the web browser you are using). The result will be that any website which has a certificate issued by that certificate authority now generates a security warning. You can of course choose to ignore that warning and keep browsing it under the assumption that what you see might actually be a fake website provided by your attackers.

Also note that some websites might use certificate pinning. So your browser will remember who signed the certificate when they first saw the website and reject a certificate by a different certificate authority.

Philipp
  • 49,017
  • 8
  • 127
  • 158
  • I'm mainly worried about malicious attacks creating their own certificates like with the DigiNotar breach, leading to manipulation of people's traffic & data. – ChocolateOverflow Jul 15 '20 at 14:36
  • 1
    @JohnZhau [The DigiNotar case](https://en.wikipedia.org/wiki/DigiNotar) was pretty much what I described in the first and second paragraph. The attacker appeared to be a state-level actor (with the US and Iran accusing each other) and as soon as it was known to the public, the browser vendors kicked DigiNotar off their root CA lists. – Philipp Jul 15 '20 at 14:42