The state-level attack on the SSL CA security model

Ariel Biener ariel at
Sat Mar 26 19:33:55 UTC 2011

On 25/03/2011 6:45 PM, Valdis.Kletnieks at wrote:
> On Fri, 25 Mar 2011 09:19:52 PDT, "Akyol, Bora A" said:
>> One could argue that you could try something like the facebook model (or
>> facebook itself). I can see it coming.
>> Facebook web of trust app ;-)
> Gee thanks.  I'm going to have nightmares for *weeks* now... :)

Based on the Facebook model:

1. Friends - people among whom are some I most probably never knew before, or some I would not even say hello to.
2. Trusted friends - people I actually say hello to

I think you'll need "Highly trusted friends" as a 3rd level :)

And that will hold for about 1 month, until people start banging on the "inner circle" virtual door, and soon enough your list of trusted and highly trusted friends will start filling up.

What does "trusted" mean in this particular case? There is no one list of criteria for being "trustworthy", and some people are more trusting than others. How would trustworthiness be measured anyhow? How many people signed your thing, who are also trustworthy themselves (which means that their SIG was also signed by trustworthy people, see the vicious circle)? And would people from a certain part of the globe or certain countries be more trustworthy based on their country's trustworthiness, or maybe on their culture being more open and trusting?

If this is to become some kind of global meaningful thing, it needs to be standardized, so it will have the same meaning regardless of where this is applied, and it will have straightforward means of "measuring" trust. Is there such a standard in place?

Just for an example, we have in Israel a CA that is recognized by the government - they are allowed to issue certificates used for signing documents - and signing with certs issued by this CA is admissible in court under the electronic signatures law. The government has put up a certain standard for what a CA needs to do in order to be recognized as trustworthy. Only one CA in Israel attained this status. Does that mean they are trustworthy to you? I don't think so. So it can't be a local thing, it needs to be a global thing, and the standard needs to be global and accepted as well.
