1. 11

  2. 4

    The post hasn’t mentioned pinning, which should reduce the damage a CA compromise could cause. There’s a standard for it being pushed forward by some people at Google and I believe Chrome already implements it.

    The idea is that the first time you visit a site, the browser goes through the standard procedure of verifying your certificate is signed by a trusted CA. The website includes a header specifying the “pinned” public key(s) which are used by certificates on that website. For subsequent connections (assuming the pins have not expired), the browser will only accept the certificate if its public key matches one which is pinned. If it doesn’t match a pinned key (e.g. because it was a fraudulent certificate issued by someone attacking a CA, which will have a different key to the website’s real key) the browser won’t trust it.

    The risk of a fraudulent certificate issued by a compromised CA being accepted is therefore reduced to the first time you visit the site, or if you visit the site so infrequently that the pins expire. Chrome solves this for popular sites (google.com, twitter.com, etc.) by including a hard-coded set of pinned public keys for them.

    In non-browser scenarios, e.g. mobile phone apps, you can simply hard code the pinned keys in your application and remove reliance on CAs entirely.
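The pinning flow this comment describes, written out as an added example (not code from the thread, from Chrome, or from any browser): a small Python model of a pin store that does the trust-on-first-use step, parses a `Public-Key-Pins` header with a `max-age`, checks later connections against the learned pins, expires them, and consults a preloaded list for well-known hosts. The SPKI blobs and host names are constructed placeholders, not real keys or real sites; pins are computed the HPKP way, as base64(SHA-256(DER SubjectPublicKeyInfo)).

```python
import base64
import hashlib
import re

# Constructed stand-ins for DER-encoded SubjectPublicKeyInfo blobs (not real keys).
REAL_SPKI = b"\x30\x82\x01\x22-example-real-spki-bytes"
BACKUP_SPKI = b"\x30\x82\x01\x22-example-offline-backup-spki-bytes"
FRAUD_SPKI = b"\x30\x82\x01\x22-example-fraudulent-spki-bytes"


def spki_pin(spki_der: bytes) -> str:
    """HPKP-style pin: base64(SHA-256(DER SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


def parse_pkp_header(value: str):
    """Return (set of pin-sha256 values, max-age seconds or None)."""
    pins = set(re.findall(r'pin-sha256="([^"]+)"', value))
    m = re.search(r"max-age=(\d+)", value)
    return pins, (int(m.group(1)) if m else None)


class PinningClient:
    """Simplified browser-side pin store: preloaded pins plus header-learned pins."""

    def __init__(self, preloaded=None):
        self.preloaded = {h: set(p) for h, p in (preloaded or {}).items()}
        self.learned = {}  # host -> (pins, expires_at)

    def _active_pins(self, host, now):
        if host in self.preloaded:
            return self.preloaded[host]
        entry = self.learned.get(host)
        if entry and now < entry[1]:
            return entry[0]
        self.learned.pop(host, None)  # expired or never learned
        return None

    def _note_header(self, host, leaf_pin, header, now):
        new_pins, max_age = parse_pkp_header(header)
        if max_age is None:
            return
        if max_age == 0:            # max-age=0 clears the pins for this host
            self.learned.pop(host, None)
            return
        # RFC 7469 requires the header to match the presented key and to carry
        # at least one backup pin; this model pins the leaf key only.
        if leaf_pin in new_pins and len(new_pins) >= 2:
            self.learned[host] = (new_pins, now + max_age)

    def connect(self, host, leaf_spki, chain_trusted, pkp_header=None, now=0):
        # Step 1: ordinary chain validation against the trusted CA set.
        if not chain_trusted:
            return "reject: chain not signed by a trusted CA"
        pin = spki_pin(leaf_spki)
        pins = self._active_pins(host, now)
        # Step 2: if pins exist (preloaded or learned), the key must match one.
        if pins is not None and pin not in pins:
            return "reject: public key does not match pinned keys"
        # Step 3: on an accepted connection, learn/refresh pins from the header.
        if pkp_header and host not in self.preloaded:
            self._note_header(host, pin, pkp_header, now)
        return "accept"


def demo():
    """Walk through first visit, mis-issued cert, key rotation, expiry, preload."""
    client = PinningClient(preloaded={"preloaded.example": {spki_pin(REAL_SPKI)}})
    header = (f'pin-sha256="{spki_pin(REAL_SPKI)}"; '
              f'pin-sha256="{spki_pin(BACKUP_SPKI)}"; max-age=5184000')
    results = [
        # First visit: nothing pinned yet, so a CA-signed fraudulent cert is accepted.
        client.connect("site.example", FRAUD_SPKI, True, None, now=0),
        # Real site seen, header learned.
        client.connect("site.example", REAL_SPKI, True, header, now=1),
        # Fraudulent cert now fails the pin check even though a CA signed it.
        client.connect("site.example", FRAUD_SPKI, True, None, now=2),
        # Rotation to the backup key is allowed because it was pinned too.
        client.connect("site.example", BACKUP_SPKI, True, None, now=3),
        # After max-age the pins lapse and the window reopens.
        client.connect("site.example", FRAUD_SPKI, True, None, now=1 + 5184000 + 1),
        # Preloaded host: rejected on the very first connection.
        client.connect("preloaded.example", FRAUD_SPKI, True, None, now=0),
        # Pinning never bypasses CA validation.
        client.connect("preloaded.example", REAL_SPKI, False, None, now=0),
    ]
    return results


if __name__ == "__main__":
    for r in demo():
        print(r)
```

The fifth result is the caveat the comment makes: once the learned pins expire, the client is back to plain CA trust until it next sees the real site's header, which is exactly the gap a preloaded list closes.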

    1. 2

      Google also has Certificate Transparency, which they plan to require in Chrome for EV certs issued in 2015.

    2. 1

      I was poking around with EV a little while ago and noticed that different browsers had different EV-enabled root certs. Chrome would say a site was EV, Firefox would not. For that matter, it’s hard to find web sites that use EV. PayPal doesn’t, Chase doesn’t, Wells Fargo doesn’t… Bank of America does.

      Verisign does, but it says Symantec Corporation instead, which would sketch me out if I had the right mix of knowledge and ignorance.

      1. 1

        According to Google Chrome on my system, PayPal does have EV (and they were one of the first sites I saw with EV). (I agree with the rest, Chase: no, WF: no, BoA: yes, Verisign: yes, and they sold their SSL business to Symantec a few years back.)