The recent Comodo and DigiNotar breaches have proven that the HTTPS trust model is broken. Every browser trusts the opinion of hundreds of Certificate Authorities. If a single one of those CA's is breached by a hacker, government, or mischievous employee, then you can't be sure that the HTTPS connection you're making isn't being intercepted. To make the problem worse, if a CA (Comodo for example) has a very large share of the SSL market, the browsers can't just "untrust" them; millions of non-technical users would suddenly start getting HTTPS errors. My proposal addresses both the issues of forgery, and the issues of CAs who are too big to fail.
The concept is quite simple. The implementation, a little more involved. Instead of requiring that a certificate is signed by a single trusted authority, require multiple independent trusted signatures.Forgeries If a browser requires that a certificate is signed by at least N trusted authorities (three maybe?), then getting forgeries signed suddenly become much more difficult. There is the problem that some states might be able to compel three different CA's under their own influence to sign a forged certificate. This could be addressed by requiring that a certificate is signed by authorities in different states. Rather than limiting this issue to "states", each CA could be assigned (in the browser) a list of entities under whos influence they fall. Each certificate would then have to be signed by a minimum of N authorities who don't have any overlapping influences. Too big to fail?If a browser requires a certificate to be signed by a minimum of three authorities, and people get their certificate signed by four or even five authorities, then no CA is "too big to fail" anymore. Browsers can remove even the largest CA from their trusted root list, and affected certificates will still have enough signatories to be trusted. If forged certificates are found in the wild that are signed by three different CA's, a temporary "influence" relationship could be created between the three CAs to specify that they have all been compromised by the same attacker.
Read more: Grepular
QR:
The concept is quite simple. The implementation, a little more involved. Instead of requiring that a certificate is signed by a single trusted authority, require multiple independent trusted signatures.Forgeries If a browser requires that a certificate is signed by at least N trusted authorities (three maybe?), then getting forgeries signed suddenly become much more difficult. There is the problem that some states might be able to compel three different CA's under their own influence to sign a forged certificate. This could be addressed by requiring that a certificate is signed by authorities in different states. Rather than limiting this issue to "states", each CA could be assigned (in the browser) a list of entities under whos influence they fall. Each certificate would then have to be signed by a minimum of N authorities who don't have any overlapping influences. Too big to fail?If a browser requires a certificate to be signed by a minimum of three authorities, and people get their certificate signed by four or even five authorities, then no CA is "too big to fail" anymore. Browsers can remove even the largest CA from their trusted root list, and affected certificates will still have enough signatories to be trusted. If forged certificates are found in the wild that are signed by three different CA's, a temporary "influence" relationship could be created between the three CAs to specify that they have all been compromised by the same attacker.
Read more: Grepular
QR:
Posts
0 comments:
Post a Comment