Linked by Thom Holwerda on Mon 5th Sep 2011 22:26 UTC
Privacy, Security, Encryption So, people from within Iran have hacked the Dutch company DigiNotar, allowing them to issue fake certificates so they could listen in on Iranian dissidents and other organisation within Iran. This is a very simplified version of the story, since it's all quite complicated and I honestly don't even understand all of it. In any case, DigiNotar detected the intrusion July 19, but didn't really do anything with it until it all blew up in their face this past week. Now, the Dutch government has taken over operational management of DigiNotar... But as a Dutch citizen, that doesn't really fill me with confidence, because, well - whenever the Dutch government does anything even remotely related to IT technology, they mess it up. And mess it up bad.
Thread beginning with comment 488648
To view parent comment, click here.
To read all comments associated with this story, please click here.
Lennie
Member since:
2007-09-22

That would have been kind of a problem if the CA is used by your government and you want to make use of their services. Most people also have no idea how the system works they just rely on others getting it right.

Reply Parent Score: 2

Bill Shooter of Bul Member since:
2006-07-14

A ssl cert CA's business is based on trust. Others must trust them to at a minimum keep their cert issuing authority out of the hands of bad guys. If they don't as in the case of DigiNotar, then people like me stop trusting them. Then people who expect things to work, find they don't and blame the company they are trying to connect with. Then that company switches CA roots to someone who is trusted. And they system works for everyone again.

Reply Parent Score: 2

Lennie Member since:
2007-09-22

So I guess you also removed Comodo, last time ?

To bad you can't use a quarter of the whole HTTPS sites on the internet.

You see, it isn't that simple. :-(

Reply Parent Score: 2

Alfman Member since:
2011-01-28

Bill Shooter of Bul,

"Then that company switches CA roots to someone who is trusted. And they system works for everyone again."

I know you understand what is going on. However what you view as working system, I view as a broken model.

3rd party authentication, as with the CAs, is inherently problematic when the CA's security is lower than that of the websites using SSL. As it stands, any CA has the technical ability to create a fraudulent certificate for any website. No matter what precautions SSL users/websites take, they are dependent upon *ALL* CA's to not screw up.

The CIA probably was not a client of DigiNotar, and yet they were a victim of the leak. DigiNotar didn't even bother to tell anyone about the leak for several weeks - if there are more leaked keys out there, we'd have no idea.

I don't want to sensationalize this and blow the risks out of proportion, but 3rd party trust is a disturbing requirement of SSL.

I'd be a bigger proponent of a secure DNS based solution which guaranties that we are communicating with the registered owner of a domain name. Everyone with a domain name would be entitled to publish their own certificate in their DNS records and not have to use a CA for the privilege.

This would still require trust in one's hosting provider to supply the legit certificate via secure DNS, however since trusting a hosting provider is implicit anyways, it doesn't increase the scope of trust and it can be insourced to increase security.

Reply Parent Score: 2

Bill Shooter of Bul Member since:
2006-07-14

http://threatpost.com/en_us/blogs/microsoft-revokes-trust-five-digi...

FYI,I'm not the only one who no longer trusts them.

Edited 2011-09-07 20:13 UTC

Reply Parent Score: 2