Networking optimize

The TLS/SSL Certifying Authority system is a scam

The traditional Public Key Infrastructure implementation of TLS/SSL is a confidence game. Chad Perrin explains why and makes some recommendations on handling online transactions.

Transport Layer Security, or TLS, itself has proven to be a great boon for online transaction security. If your bank isn't using TLS for its account management Web site, it is probably doing something wrong.

TLS is the current implementation of what was originally called SSL, or the Secure Socket Layer protocol. It is an encryption protocol used to protect HTTP connections on the Web so that information can be exchanged securely. This is of particular interest for online financial transactions, but is also important for logins, to ensure that eavesdroppers cannot harvest usernames and passwords in unencrypted network traffic, then highjack accounts.

TLS has also been used (some might say "abused") to provide encrypted connections for an increasingly diverse selection of types of network traffic. As a protocol for establishing communication using strong encryption, it is quite effective at securing such traffic, even when it is not HTTP traffic. It is, in fact, well suited to use with any application layer protocol, including FTP, NNTP, SMTP, and XMPP, in addition to HTTP. Check my articles index for past TechRepublic IT Security articles about using TLS to secure connections to mail servers.

A series of service providers who charge fees for registration of server certificates used to authenticate a Web server has arisen to provide protection from man in the middle attacks. These service providers, called Certifying Authorities (abbreviated "CAs"), make out of band verification of server certificates available to client systems so that man in the middle attacks may be detected. The system by which the CAs make their registration and verification systems available is known as PKI, or Public Key Infrastructure.

Unfortunately, PKI as it is currently implemented for TLS certificate verification (or "validation", as the CAs call it) is unnecessary. As the Perspectives notary system alternative to PKI has shown, there are possible verification schemes that provide far more complete coverage of server certificates. The business model used by CAs in PKI ensures that many servers will never have registered certificates -- servers that may still be as trustworthy as any other, and for which secure encrypted transactions may be just as critical to the day to day online activities of thousands of people as those that can afford to buy into the CA con game.

A confidence game, simply put, is a scam in which a target is convinced to believe something that isn't true so that the con artist can get the target to give him or her money. The idea is that the con artist gains the target's confidence, and uses that against the target. In this case, there are two targets: browser users and people who need to provide encrypted access to their servers. The confidence itself is the impression we have that we not only can trust the CAs, but that we must -- because that's the only way to really protect ourselves with TLS encryption. The real beauty of this particular scam is that nobody needs to lie to use, because given the option to believe in the importance and trustworthiness of some authority figure, most humans do so instinctively. In other words, we lie to ourselves on their behalf.

To replace the TLS scam with a more sustainable (and more broadly effective) system such as the Perspectives notary system, we need to ensure that such an alternative gains popularity and is used more widely. If it is at all reasonable to do so, you should install the Perspectives extension for Firefox right away, and use that for your online transactions that require TLS encryption. Not only will that help reduce the current worldwide reliance on CAs, but it will also give you a way to verify TLS server certificates that the CAs ignore because the CAs haven't received the requisite payments.

About

Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

36 comments
Doug Vitale
Doug Vitale

"It is, in fact, well suited to use with any transport layer protocol, including FTP, NNTP, SMTP, and XMPP, in addition to HTTP". Transport layer = TCP or UDP Application layer = FTP, NNTP, HTTP, etc. A better choice of words would have been "racket" instead of "scam". IMO "scam" implies illegal or criminal activity while "racket" implies only unethical activity.

apotheon
apotheon

One might think the word "scam" is a bit strong, but really, I don't like to mince words much. By the way, this might be my last "thinking" article in IT Security for a little while. I've been asked to focus more on "how-to" type articles.

apotheon
apotheon

Transport layer = TCP or UDP Application layer = FTP, NNTP, HTTP, etc. Please excuse the brain fart. I've corrected it in the article. IMO "scam" implies illegal or criminal activity while "racket" implies only unethical activity. "Racketeering" is a federal offense, under the terms of the RICO Act.

Ocie3
Ocie3

operates the "notary servers"? Who is paying the operational costs of the "notary servers", and what are their sources of funding? By stating that "The TLS/SSL Certifying Authority system is a scam" you imply that the Certifying Authorities do not provide a service, or that they do not provide a service which is worth the money that they charge for doing so. Do you have the same opinion with regard to EV SSL Certificates? On a perhaps related note, the so-called "OpenID" concept appears to be a scam. Verisign Labs hasn't charged me anything, yet, but it isn't worthwhile to log-in at my Personal Identity Provider every day. It is very unusual to find a web site that uses it.

seanferd
seanferd

Particularly when the idea is stated as you have stated it. Actually, I think that a lot of internet "infrastructure" is a scam, and I don't much care for companies like Verisign and Network Solutions. I'll miss the "thinking" articles, but your "how-to" articles are quite good.

rkuhn040172
rkuhn040172

I like the idea, however, since roughly 60% of the world uses IE, not sure how effective it can be. One can't have some genius idea and then only apply it to the 30% or so part of the world that uses Firefox. Where are the plugins and what not for IE, Safari, Chrome, Opera, etc?

apotheon
apotheon

You could run one. It's a distributed infrastructure, not specifically dependent on any particular organization.

apotheon
apotheon

I think I have an idea for how to give you your fix in the future.

apotheon
apotheon

It'd be nice to see extensions for additional browsers. Of course, Microsoft may well fight that, trying to make IE's extension system incompatible with Perspectives, and Chrome doesn't have a finalized extension system yet (though it's evidently close to that point). The more people use it, the more likely it is to get ported to other browsers' extension systems. If you convince more people to use it, there will be more widespread demand for it, which will likely lead to Perspectives being incorporated into extensions for more browsers.

santeewelding
santeewelding

Lest I be charged with collusion, in addition to convoluted presentation of jest.

santeewelding
santeewelding

Spare, terse, and limited is probably the best way to do this with Apotheon.

Ocie3
Ocie3

FYI, there are three sets of options. Enabling a choice for an option usually excludes enabling the other(s). [b]Security Level[/b] selection: High greyed-out: quorum percentage greyed-out: quorum duration [b]Overriding Firefox Security Errors[/b] enabled: Allow Perspectives to automatically override security errors. not enabled: Permanently trust certificates validated by Perspectives [b]When to Contact Notaries[/b] not enabled: Contact Notaries for all HTTPS sites. enabled: Contact Notaries only when a web site's certificate causes a security error. not enabled: Always ask the user before contacting Notaries. _____________________

santeewelding
santeewelding

Analogous, metaphorical, and artifactual -- straw.

apotheon
apotheon

I remember much more than that, but straw men are probably the most common form of "argument" advanced on the Internet. Should I refrain from pointing out when it rears its ugly head? The points brought up by WCarlS are completely off the subject of what they address. Thems is the facts.

apotheon
apotheon

You can configure the Perspectives extension to behave pretty much how you like -- have it take precedence, have it only step in when the CA fails, having it be the only certificate validation; I'm pretty sure all of them are options, though I haven't looked at the configuration for a while since I set it up to suit my preference.

Ocie3
Ocie3

if the Firefox Perspectives add-on is installed, does Firefox use only the notary servers to validate/verify/authenticate certificates, or does it query the CA[i]s[/i] instead when a web site has a certificate issued by a CA? So far, I've only seen Perspectives step-in when there was a problem (which I can't recall) with a self-signed certificate.

santeewelding
santeewelding

Is that the only thing you remember from your exploration of logic? Seems so. You draw it and fire at most everything. Looks to be like your sign of the cross.

apotheon
apotheon

What are the artificial requirements to become a Certifying Authority? The primary requirements are: 1. Service Organization Size -- No browser vendor is likely to offer a given CA amongst its default CA list if the CA in question is too small. Only a handful of CAs makes it into the default CA list for a given browser, and size is the single largest determining factor. 2. Mutual Corporate Approval -- Microsoft in particular has a lot of power to say what is or is not generally considered a "trusted" CA, because its browser is still the majority market share holder. To avoid complaints that they do not support as much as IE, other browsers must "trust" the same core set of CAs. This establishes a conflict of interest as it encourages major CAs and Microsoft to grant each other special consideration. 3. Brand Recognition -- The more recognizable a given CA brand becomes, the more people will invest in that particular CA for purposes of ensuring the broadest support for their TLS certificates. This means that advertising budgets for attracting those who need their certificates validated by a CA serve an incredibly important role in determining the industry "trust" for a given CA. Whether we depend upon Certifying Authorities or upon a "group of entities running notary servers", ultimately we are placing that aspect of the security of our computer systems in the hands of people about whom we know very little or nothing, yet we depend implicitly upon their goodwill. You're missing an important distinction here, though: 1. You can have a single CA sign your certificate, thus requiring your site's visitors to trust that single entity -- the CA -- to accurately and without conflicts of interest verify certificates for you. 2. You can have the benefit of notary servers distribute "trust" across a broad range of entities that are not in a related "group" so that, even if some small minority disagrees with the remainder, you know something is wrong somewhere. Trusting a CA is a case of tunnel vision, really. You look to one individual and say "Is this okay?" and, when he says "Yes," you basically have no choice but to trust him. With notary servers for Perspectives on the other hand, you ask one guy "Is this okay?" and if he says "Yes," you can ask the next notary server "Do you think this is okay, too?" and so on. The notaries serve as checks and balances on each other. Even if all the notary servers return the "wrong" certificates because a given site is subject to so many MITM attacks that there are no records of actually valid certificates, you're still going to know something is wrong because the various bad certificates won't match up.

apotheon
apotheon

The subject of this particular subthread is the relative trustworthiness of CAs and Perspectives notary servers. Your analogizing reference to "spammers and scammers et al" is a bit of a straw man, as is your reference to infected machines.

Ocie3
Ocie3

artificial requirements to become a Certifying Authority? Whether we depend upon Certifying Authorities or upon a "group of entities running notary servers", ultimately we are placing that aspect of the security of our computer systems in the hands of people about whom we know very little or nothing, yet we depend implicitly upon their goodwill. That aspect of life is introduced when the society in which we live exceeds approximately 1,000 people. Personally, I do not want to live in a tribe that small.

WCarlS
WCarlS

"users need only trust that, in aggregate, the group of entities running notary servers is too large and fractious" ??? Aren't spammers and scammers et al a group "too large and fractious to be identically untrustworthy"? And what if a truly trustworthy person, or group, has infected machines?

apotheon
apotheon

The point isn't how feasible it is for you, personally, to run a notary server -- it's the fact that the only bar to entry is the willingness and technical resources to do so. There are no artificial requirements of "authority", where who you know is more important than what you know. As a result, a system can be built where nobody has to trust any single entity. Rather, users need only trust that, in aggregate, the group of entities running notary servers is too large and fractious to expect that they're all going to be identically untrustworthy.

Ocie3
Ocie3

always depends upon a person or upon two or more people (whether they are "organized"). With respect to creating and running a Perspectives "Notary Server", I would need a lot of support and advice, no doubt. Aside from that, I doubt very much that my ISP would welcome the traffic. If memory serves, running a server violates the Terms of Service, unless they are willing to do business with me and vice-versa. Perhaps the server would have to be hosted somewhere else. But the most significant matter is that I don't have any money to contribute to running one.

boxfiddler
boxfiddler

absolutely certain of that, apotheon?

apotheon
apotheon

I have no power here. What are you talking about?

santeewelding
santeewelding

You need to review your own assumption of power.

apotheon
apotheon

I've heard it said that the most important man at the court of a king is the jester, a clever wit whose job it is to heckle those with power, with impunity imparted by the cleverness of the jokes. The jester helps keep the king honest by prompting him to remember he's still human, and just as susceptible to ridicule for his errors as anyone -- thus enforcing the notion that he's capable of error in the first place. Of course, there are some caveats one must observe: 1. The jester has to be trusted. 2. The jester has to draw attention to things to which no other potential detractors are drawing attention. 3. The jester has to avoid swaying the incidental audience against reason. 4. The jester has to make sense, and draw upon the experiences of the audience, without assuming knowledge (and memory) that it isn't reasonable to assume. The jester's job is more difficult than the king's, really, because it's too easy to fail to do it well. Failing, the would-be king's jester ends up relegating himself to irrelevancy -- or to simple annoyance, failing to live up to Plato's description of Socrates as the "gadfly". Worse, a court jester who fails in his most important role can become a champion of ignorance, and is nothing but the superficial fool. Just thought I'd mention.

santeewelding
santeewelding

Expresses concern about how I confront you. I confront you the way a golden one deserves to be confronted. I would be remiss in the presence of intelligence to do otherwise.

Ocie3
Ocie3

sometimes I still burst into flame. :-)

apotheon
apotheon

What do the Citi credit card sites do that results in using non-"persistent" certificates?

robindor
robindor

I have been using Firefox with Perspectives since it was first issued. I thoroughly approve of what it does. There is, however, one limitation: some sites [for example, Citi credit card sites] do not use a verifiable certificate. The Perspectives notaries never see a persistent certificate, so cannot certify the site. So, in addition to installing Perspectives more widely, an effort is needed to persuade sites to handle certificates in a compatible manner.