Google Researchers Propose Plan To Fix CA System
Trailrunner7 writes "The security industry has no shortage of hard problems to solve, but the one getting the most attention right now is finding a way to improve, or ideally, replace, the CA infrastructure. The latest in what has become a series of recent proposals to help shore up the certificate authority system comes from a pair of Google security researchers who have laid out a plan for providing auditable public logs of certificates as well as proofs for each certificate issued. The system proposed by Google's Adam Langley and Ben Laurie (PDF) comprises three separate ideas, but relies on the creation of a publicly viewable log of every public certificate that's issued by a CA. There could be any number of public logs of these certificates, but the logs will be structured so that they are append-only. The entries in the logs will be the end certificates in the issuance chain. In addition to the logs, the proposal includes the use of proofs that are sent with each certificate to the user's browser. Laurie and Langley haven't defined exactly what the proof would look like, but suggest that it could be an extra certificate or a TLS extension."
Re:Not Impressed (Score:2, Insightful)
Re:Something To Think About (Score:4, Insightful)
How do you propose to verify someone's (or some site's) identity without having a trusted third party telling you that you should? What you say is kind of utopic, it might work to connect to somewhere you know, but it'll fail on a larger scale.
And don't forget that it's not just you having to verify the website's identity, sometimes it is also the website asking to verify yours. Even if they used their own CA to hand you a certificate, they still needed a trust based system.
Yes, I see your point, on a basic level ssh only relies on an asymmetric key exchange and signatures and not on CAs, but the problem is way bigger than that.
Re:Self signed certs. (Score:5, Insightful)
Re:Self signed certs. (Score:4, Insightful)
This is essentially what I proposed in my paper [acsac.org] in 2005, only it adds a level of indirection to reduce the amount and volatility of data being added to DNS.
Re:Self signed certs. (Score:2, Insightful)
Are you sure about that? My understanding is that it is signed by the parent domain, all the way up to the root.
As an example, if we take shop.example.dk, it is signed by the owner of example.dk, which is then signed by dk-hostmaster, and the .dk domain will be signed by the root key.
Sure, all this will verify is that the FQDN you are connecting to is actually the FQDN you are trying to connect to, but as this is (or should be) part of the buying process, it's still way better than the current system where a CA will give a key to anyone.
Example: When a CA gave a fraudster a certificate to microsoft.com, Microsoft didn't have anything to do with it. In the system I'm talking about (which is my understanding of how DNSSEC works), the only one able to sign keys for a host under the microsoft.com domain would be Microsoft.