Scott Gifford <sgifford (at) suspectclass (dot) com [email concealed]> wrote on Feb 11, 2005:
>Maybe I'm naive, but shouldn't a trustworthy root CA not sign
>certificates for domain names which are obviously meant to be
>deceptive?
Signing the certificate earns income for the CA and its shareholders,
and serves the customer who requested that the certificate be
signed. If a CA were to set very high standards and check very
carefully, then it would price itself out of the market.
As a user of a browser I am not a customer of the CA, and it isn't
evident why the CA should be under any obligation to me. They surely
are under an obligation to their shareholders and their customers.
> Isn't this the entire reason for browsers coming with a
>small list of CAs which are deemed trustworthy?
Perhaps I am too cynical. But I always thought they were there to
advance the business interests of the CAs.
>If the holders of widely-trusted root certificates can't be trusted to
>avoid even the most rudimentary deceptions, many of the protections of
>SSL have only very limited value.
The protections have only very limited value. They are perhaps
adequate to make MITM attacks unlikely, but they are not capable of
dealing with the kind of deception being discussed here.
>Perhaps some more care on the part of browser packagers in deciding
>which CAs have their certificates included by default is the solution.
This would not help much. The existing PKI based system is based on
an unnatural network of presumed trust.
A better system would allow a certificate to have many co-signers,
much as PGP keys can be co-signed by many others. In such a system,
my credit card company could act as CA. I am a customer of my credit
card company, so this would build on natural trust relations.
Moreover, my credit card company could act as guarantor for any
purchases I make at web sites where they have signed the site
certificate (presuming that I use their credit card). This would
provide a substantial financial incentive for the credit card
company, acting as CA, to be wary of possible deceptive practices.
>Maybe I'm naive, but shouldn't a trustworthy root CA not sign
>certificates for domain names which are obviously meant to be
>deceptive?
Signing the certificate earns income for the CA and its shareholders,
and serves the customer who requested that the certificate be
signed. If a CA were to set very high standards and check very
carefully, then it would price itself out of the market.
As a user of a browser I am not a customer of the CA, and it isn't
evident why the CA should be under any obligation to me. They surely
are under an obligation to their shareholders and their customers.
> Isn't this the entire reason for browsers coming with a
>small list of CAs which are deemed trustworthy?
Perhaps I am too cynical. But I always thought they were there to
advance the business interests of the CAs.
>If the holders of widely-trusted root certificates can't be trusted to
>avoid even the most rudimentary deceptions, many of the protections of
>SSL have only very limited value.
The protections have only very limited value. They are perhaps
adequate to make MITM attacks unlikely, but they are not capable of
dealing with the kind of deception being discussed here.
>Perhaps some more care on the part of browser packagers in deciding
>which CAs have their certificates included by default is the solution.
This would not help much. The existing PKI based system is based on
an unnatural network of presumed trust.
A better system would allow a certificate to have many co-signers,
much as PGP keys can be co-signed by many others. In such a system,
my credit card company could act as CA. I am a customer of my credit
card company, so this would build on natural trust relations.
Moreover, my credit card company could act as guarantor for any
purchases I make at web sites where they have signed the site
certificate (presuming that I use their credit card). This would
provide a substantial financial incentive for the credit card
company, acting as CA, to be wary of possible deceptive practices.
-NWR
[ reply ]