Don Marti
Fri 03 Sep 2010 07:34:12 AM PDT
SSL certificates and man-in-the-middle attacks
Important security topic: browsers enabling government MITM attacks
Coverage of the problem: The Internet's Secret Back Door by Danny O'Brien on slate.com, and discussion on Bruce Schneier's blog.
Verizon and Etisalat thread on mozilla.dev.security.policy
Potentially problematic CA practices at mozilla.org
EFF is starting the EFF SSL Observatory and asking Verizon to revoke one certificate for one high-profile problem company.
But there's a bigger problem: Web Security Trust Models. "This is also an inflexible model because there is no reasonable way to impose finer-grained control on the authority of the CAs. The standard used is called X.509. It doesn't allow you to trust Verisign to a greater or less than the Chinese government -- it is essentially all or nothing for each. You also can't tell your browser to trust CNNIC only for sites in China (although domain name constraints do exist in the standard, they are not widely implemented). It is also inflexible because most browsers intentionally make it difficult for a user to change the certificate list."
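The finer-grained control the quote says is missing, sketched as an added example (not code from this post or from the quoted article): a per-CA scope check using the dNSName matching rule for X.509 name constraints in RFC 5280. The CA names and the policy table are constructed for illustration, and a real validator would read the constraints from the CA certificate's nameConstraints extension.

```python
# Added illustration: per-CA DNS scoping in the style of X.509 name constraints.
# CA names and subtrees below are constructed samples, not real trust-store data.

def _labels(name):
    """Lower-case a DNS name and split it into labels, ignoring a trailing dot."""
    return name.lower().rstrip(".").split(".")

def in_subtree(hostname, subtree):
    """RFC 5280 dNSName rule: a host matches if it equals the subtree or is
    formed by adding whole labels to the subtree's left-hand side."""
    host, base = _labels(hostname), _labels(subtree)
    return len(host) >= len(base) and host[-len(base):] == base

def ca_may_vouch_for(hostname, permitted=None, excluded=()):
    """True if a CA with these constraints may certify hostname.
    permitted=None means unconstrained (the all-or-nothing default)."""
    if any(in_subtree(hostname, s) for s in excluded):
        return False  # an excluded subtree overrides any permitted one
    if permitted is None:
        return True
    return any(in_subtree(hostname, s) for s in permitted)

# Constructed policy: one unconstrained CA, one scoped to a country TLD,
# one barred from a single organisation's domain.
POLICY = {
    "Unconstrained Example CA": {"permitted": None, "excluded": ()},
    "Regional Example CA": {"permitted": ("cn",), "excluded": ()},
    "Partner Example CA": {"permitted": None, "excluded": ("example.org",)},
}

def evaluate(ca_name, hostname):
    """Apply the constructed policy for ca_name to hostname."""
    rule = POLICY[ca_name]
    return ca_may_vouch_for(hostname, rule["permitted"], rule["excluded"])

if __name__ == "__main__":
    hosts = ("shop.example.cn", "mail.example.com", "login.example.org")
    for ca in POLICY:
        for host in hosts:
            verdict = "accept" if evaluate(ca, host) else "reject"
            print(f"{ca:26} {host:20} {verdict}")
```

Matching is done on whole labels, so a constraint of `cn` does not match a host such as `examplecn.com`.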
Potential solutions: