6

There has been a lot of news recently about certificates being falsely issued (due to the issuing authority having poor system security!). Apparently the targeted users were mostly Iranians, but it's not hard to imagine this happening to anyone.

My browser comes pre-loaded with hundreds of certificates. Is there any way to guard against rogue certificates?

Note: I realize this is more of a "security" issue than a "cryptography" issue, so please feel free to argue against these kinds of questions in the comments if you feel it's out of bounds for this forum.

AviD
  • 72,708
  • 22
  • 137
  • 218
Fixee
  • 1,565
  • 2
  • 15
  • 24

3 Answers3

6

Well, the SSL relies on the fact that you "trust" the party issuing the certificate - and current setup is that any CA can issue a certificate for any domain. There have been projects that try to implement the Web of Trust infrastructure for SSL certificates, in which the community confirms the authenticity of the certificate. But still - you have to trust the community.

For example, there's Perspectives project. It's a Firefox extension allowing you to choose a 'notary server' that checks if certificate presented to you is the same certificate other users see (so that would detect Man-In-The-Middle attack).

There's also a brand new project called Convergence.io made by Moxie Marlinspike that's based on Perpectives' ideas but allows for fine-grained configuration. Currently it's the best one and it seems to quickly gain attention. I'd recommend installing Convergence.io.

Krzysztof Kotowicz
  • 4,068
  • 20
  • 30
4

There are a couple of methods that I've seen which can be used for helping protect against rogue certs.

Cert Patrol is a firefox plugin which notifies the user when previously accepted certificates change.

Convergence is more of an alternative to the traditional CA system.

Also Google hard codes the legitimate certificates for their services into chrome, which could help with that specific scenario, but isn't a solution for the wider case.

Another idea I've seen suggested, but not implemented as yet, would be to have multiple signatures on a certificate, so for example getting 3 CAs to sign a given cert (although you'd think that this would need some browser integration so it would accept that one and not a single signed cert for the same domain). That doesn't really address the root cause but could help in reducing the likelihood of a single CA compromise allowing for complete breach of the SSL trust setup.

Rory McCune
  • 61,541
  • 14
  • 140
  • 221
3

@JeffFerland wrote this blog post on the topic of "Fixing the Certificate Authority Problem", and in addition to the answer @RoryMcCune gave here, he and @nealmcb also provided excellent input on the subject answering this question.

Rory Alsop
  • 61,474
  • 12
  • 117
  • 321