The state-level attack on the SSL CA security model

Joakim Aronius joakim at
Thu Mar 24 05:19:47 CDT 2011

* Dobbins, Roland (rdobbins at wrote:
> On Mar 24, 2011, at 11:05 AM, Martin Millnert wrote:
> > Announcing this high and loud even before fixes were available would not have exposed more users to threats, but less.
> An argument against doing this prior to fixes being available is that miscreants who didn't know about this previously would be alerted to the possibility of using one of these certs (assuming they could get their hands on one) in conjunction with name resolution manipulation.

The fix here is to delete the compromised UID and revoke the certs, thats done immediately, then inform the public, no reason to wait after that. IF the speculations about a specific nation is true then there is a risk that people there run real (like physical) risks by using e.g. yahoo the last few days. They would have appreciated being informed.
> Note that announcing this prior to fixes would've dramatically increased the resale value of these certificates in the underground economy, making them much more attractive/lucrative.
Why? Surely the value of stolen certs are higher if the public do not know that they exist.


More information about the NANOG mailing list