Microsoft deems all DigiNotar certificates untrustworthy, releases

Chris Adams cmadams at hiwaay.net
Tue Sep 13 15:24:28 UTC 2011


Once upon a time, Valdis.Kletnieks at vt.edu <Valdis.Kletnieks at vt.edu> said:
> If you use SSH to connect, and either ignore the "host key has changed" or
> "authenticity can't be established, continue connecting?" messages, you get
> what you deserve - those are the *exact* same issues that your browser warns
> about self-signed certs.  And if you *don't* ignore them on SSH - why do you
> want to ignore them on SSL?

A big difference between SSH keys and SSL certificates is that SSL certs
have a built-in expiration date (which is a good thing, as nothing is
secure forever).  When that expiration date rolls around, the admin may
create a new key/cert pair, rather than just renewing the previous cert,
which would cause all the visitors that accepted the previous cert to
get a new and nastier warning that the cert has changed.  How do the
visitors know the difference between this case and a hijack/MITM?

Certs are almost guaranteed to change over time as technology changes.
For example, it used to be common to have 512-bit certs with an MD5
signature hash.  Now 1024-bit and SHA1 are the norm, and many are moving
to 2048-bit (and some to stronger hashes).  Having people get used to
periodically accepting a changed cert defeats the purpose of signed
certs (and again, effectively breaks SSL).

-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
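[Added example, not part of Chris Adams's message or of the NANOG thread.]
The script below plays out the scenario in the post with the openssl
command-line tool: a server cert is pinned the way an SSH client pins a
host key (trust-on-first-use on the public-key fingerprint), then the
admin rotates to a fresh, larger key pair with a new cert from the same
CA.  The pinned check reports CHANGED, indistinguishable from a MITM,
while the X.509 chain check accepts both certs because validity comes
from the CA signature and the notBefore/notAfter window, not from key
continuity.  It assumes an openssl binary (1.1.1 or 3.x) on PATH; the CA
name "Example Test CA", the hostname www.example.test and the 30-day
lifetimes are made up for the demo.

```shell
#!/bin/sh
# Added illustration, not code from the post above. Assumes the openssl CLI
# (1.1.1 or 3.x) is on PATH; "Example Test CA" and www.example.test are made up.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# Private CA standing in for a browser-trusted root.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Example Test CA" \
        -keyout "$WORK/ca.key" -out "$WORK/ca.crt" >/dev/null 2>&1
}

# issue_cert NAME BITS: fresh RSA key pair of BITS bits plus a CA-signed
# cert for the same hostname (what an admin does instead of "renewing").
issue_cert() {
    openssl req -new -newkey "rsa:$2" -nodes -subj "/CN=www.example.test" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.csr" >/dev/null 2>&1
    openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
        -CAcreateserial -days 30 -sha256 -out "$WORK/$1.crt" >/dev/null 2>&1
}

# SHA-256 over the DER SubjectPublicKeyInfo: the analogue of an SSH host-key
# fingerprint, i.e. what a known_hosts-style client would pin.
spki_fingerprint() {
    openssl x509 -in "$1" -noout -pubkey \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 | awk '{print $NF}'
}

# tofu_check PINFILE CERT: trust-on-first-use, like SSH's known_hosts.
# Prints first-use, match or CHANGED; a rotated key and a MITM look identical.
tofu_check() {
    fp="$(spki_fingerprint "$2")"
    if [ ! -f "$1" ]; then
        printf '%s\n' "$fp" > "$1"; echo first-use
    elif [ "$(cat "$1")" = "$fp" ]; then
        echo match
    else
        echo CHANGED
    fi
}

# ca_check CERT: the X.509 model. Any cert chaining to the trusted CA and
# inside its validity window passes, whether or not the key changed.
ca_check() {
    if openssl verify -CAfile "$WORK/ca.crt" "$1" >/dev/null 2>&1; then
        echo valid
    else
        echo invalid
    fi
}

# key_bits CERT: RSA modulus size, to show the rotation also changed strength.
key_bits() {
    openssl x509 -in "$1" -noout -text \
        | sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p' | head -n 1
}

# sig_alg CERT: signature algorithm the CA used (the MD5/SHA1/SHA-256 axis).
sig_alg() {
    openssl x509 -in "$1" -noout -text \
        | sed -n 's/^ *Signature Algorithm: //p' | head -n 1
}

# Stand-alone run: pin a 2048-bit cert, then rotate to a fresh 3072-bit key.
make_ca
issue_cert v1 2048
issue_cert v2 3072
printf 'TOFU, first visit v1:   %s\n' "$(tofu_check "$WORK/pin" "$WORK/v1.crt")"
printf 'TOFU, revisit v1:       %s\n' "$(tofu_check "$WORK/pin" "$WORK/v1.crt")"
printf 'TOFU, after rotation:   %s (%s -> %s bit key, %s)\n' \
    "$(tofu_check "$WORK/pin" "$WORK/v2.crt")" \
    "$(key_bits "$WORK/v1.crt")" "$(key_bits "$WORK/v2.crt")" "$(sig_alg "$WORK/v2.crt")"
printf 'CA chain, v1: %s  v2: %s\n' "$(ca_check "$WORK/v1.crt")" "$(ca_check "$WORK/v2.crt")"
printf 'v2 %s\n' "$(openssl x509 -in "$WORK/v2.crt" -noout -enddate)"
```

The pin is taken over the SubjectPublicKeyInfo rather than the whole
cert so that a plain renewal (same key, new dates) would still match;
only a new key pair trips it, which is exactly the case the post says
admins produce at expiry time.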