Impact of Cyber Risk


BBC reports from the RSA conference in San Fransisco about the heartfelt plea made by Michael Chertoff, the US homeland security chief, to save the world (or at least the US) from threats comparable to the worst of all. He pointed out that securing the nation’s internet highways and byways was a job the federal government could not do alone and needs help from the private sector.

And how is the private sector acting these days, specially the open source vendors? During the last month I had a prolonged argument on a mailing list with Frank Hecker, the president of the Mozilla Foundation, about practices of some certification authorities. On one hand, the upcoming Firefox 3 browser is getting very serious with errors related to SSL secured web site and on the other hand there are certification authorities (CA)  included and “trusted” within the same software, which have some very dubious practices. For example the issuing of digital certificates for a life-time of ten years or more and wild card certificates which are domain validation only.

Why is this a problem, the dear reader might ask? People aren’t static objects, but they move, change addresses and sometimes even change their names. Domain names change owners, they may belong to different people during the life-time of a few years only. Issuing domain validated certificates without any re-validation for a longer period might effectively lead to somebody having a certificate without being the owner of the domain name. This in turn would allow for a so-called man-in-the-middle attack, which domain validated certificates are supposed to prevent in first place. Under such circumstances encryption would be completely worthless.

With phishing a common problem on today’s Internet, wild card certificates present an easy attack vector to mislead a somewhat careless user. A domain name like paypal.domain.com would be perfectly valid and even “secured”. For this type of certificates, domain validation isn’t enough because of the special trust the subscriber (holder of a certificate) receives and because there is no way for the certification authority to figure which sub domain is going to be used. Regular certificates which are only domain validated don’t present the same risk, because the full domain is known to the issuing CA and can be even prevented before actually doing so. But wild card certificates should be really issued only to subscribers which underwent a higher validation procedure (which assumes that a validated person would not try to do something stupid).

The StartCom CA has for both cases above a clear policy and limits certificate validity to one year and requires at least Class 2 identity validation for wild card certificates. With this measures in place, StartCom guaranties to a reasonable extend, that certificates are only in the hands of the actual domain name owner and that phishing is minimized by requiring higher validation. But because StartCom remains in the minority with such requirements, the security concept and trust in the PKI model remains broken for most users of the Firefox browser. The saddest part of this story is, that the certification authority with the risky practices mentioned above showed their willingness to abandon these practices if the suggested limitations would be applied across the band for all CAs shipped with Firefox, but Frank felt that this isn’t worth the effort. So the homeland security chief of the US sees the biggest threats coming, but for our most basic security requirements anything will do according to the browser vendors. I’m getting the feeling that they aren’t living in the same world…

Discussions at the mozilla.dev.tech.crypto mailing list are here and here. Conclusion of Frank is here. A good example of a domain name which belonged just a few years ago to a different entity is our own startssl.com domain, see the history of  this domain here. Effectively somebody in Korea can still have a valid certificate for startssl.com. Really scary…

Information and Links

Join the fray by commenting, tracking what others have to say, or linking to it from your blog.


Other Posts
The Added Value
Smart Cards made easy on Linux and Firefox

Write a Comment

Take a moment to comment and tell us what you think. Some basic HTML is allowed for formatting.

You must be logged in to post a comment. Click here to login.

Reader Comments

IANSS (I am not a security specialist), but I believe this is particularly important, especially as one of the most overlooked threats (and the one I fear the most!) is the “DNS cache poisoning” (let’s include here “pharming” too).

Exactly! And if you look at the hosting history of our domain startssl.com, you understand why this IS an issue. Certainly this is not the only domain name which falls under this category :-(

Well, I experienced a few DNS poisonings years ago (some events around 1996 and some around 2003), where google.com was actually displaying a totally different page in Romania! Poison, poison, poison!

Now, what if a credit card processing site URL is poisoned, and the SSL certificate is not valid, but the user accepts it nevertheless? (You guessed it.)

Browsers are changing rapidly as I also mentioned in the article. Just check out the FF3 beta. There is no way to click away the warning without thinking twice…That’s also one of the comparisons I took in this article, where the software increased the security in relation to secured sites (at last we got rid of those stupid popup’s) and where the Mozilla CA policy (and therefore some of the CAs in question) are not on par with that. It makes some of the improvements of FF3 pretty useless…

Although I’m a big fan of Firefox/Thunderbird I don’t like there policy of including every root certificate they can find (as a manner of speaking). The trick (sorry Dutch only) I use is to rename the library (libnssckbi.so or nssckbi.dll) in which all these certificates are placed. After that nothing is trusted until I explicitly add the correct root certificate. Another solution is to build our own library with trusted certificates…