Tuesday, August 30

Blindly Trusted Roots

With both Comodo and Diginotar both having their security breached, it highlights some of the important trust issues we have on the Internet.  The process of trusting these root CA's is extremely important as they serve as the foundation of protecting our information as it is transmitted across public and untrusted networks.

Both of the breaches resulted in fraudulent certifications being issued and used to impersonate high-traffic sites such as google, yahoo, skype and live dot com properties.  These certificates were used to trick browsers (and users) into thinking that they were connected to a valid site, when they were not.

More importantly though is the realization that the trust in the root CA system on the Internet has been eroded.  With two publicly disclosed breaches, how many undisclosed breaches have their been, and how many breaches of these CA's have not even been discovered?

While the use of fraudulent certificates on high-volume consumer sites is a big issue, the bigger issue here is the use of low-volume high-value certs to intercept financial transactions, email message systems, and other highly critical services.

My position is that we need to come up with a new paradigm for establishing trust in public/private services, and eliminate the use of old broken systems like the root CA pki's.  The only issue I see is the speed with which this can happen.