Certificates and "authorities"
Posted Sep 8, 2011 15:07 UTC (Thu) by rgmoore (✭ supporter ✭)
In reply to: Certificates and "authorities"
Parent article: Certificates and "authorities"
Why is it forlorn to hope CAs will keep their systems secured?
Even if they manage to keep their systems technically tight as a drum, they can't escape social and legal pressure. Imagine, just for example, what would have happened if it had been the Dutch government that wanted to issue false certificates rather than the Iranian government. They wouldn't have needed to break into DigiNotar; they could just walk over and demand that DigiNotar issue them the false certificates. Do you really think the official Dutch CA is going to turn down a government request for a false cert, especially if it's presented as being for some important and legitimate government purpose like tracking thieves or terrorists? Do you think any of the few CAs that Google uses to sign its official certificates would be able to escape from pressure from their national governments?
And it's not just a question of that kind of legal authority. What happens when organized crime decides that it's very valuable to be able to issue false certificates? There are all kinds of ways they could do it: using a mole to infiltrate an existing CA, blackmailing a CA employee into issuing them fake certs, or even setting up their own CA as a legitimate enterprise and sneaking out a few fake certs once in a while when their business needs them.
This is an inherent problem with the trust model. If you place a lot of trust in a specific authority, you greatly increase the value of suborning that authority. People who have skill at suborning authorities will be able to take advantage.