Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

Aaron C. de Bruyn aaron at heyaaron.com
Sun Sep 11 22:20:51 UTC 2011

I'm pretty fond of the idea proposed by gpgAuth.One key to rule them
all (and one password) combined with the client verifying the
server.It's still in its infancy, but it works.
(Full disclosure: I work with the creator of gpgAuth in our day jobs)
On Sun, Sep 11, 2011 at 11:47, Richard Barnes <richard.barnes at gmail.com> wrote:
> There's an app^W^Wa Working Group for that.
> <http://tools.ietf.org/wg/dane/>
> On Sun, Sep 11, 2011 at 2:44 PM, Mike Jones <mike at mikejones.in> wrote:
>> On 11 September 2011 16:55, Bjørn Mork <bjorn at mork.no> wrote:
>>> You can rewrite that: Trust is the CA business.  Trust has a price.  If
>>> the CA is not trusted, the price increases.
>>> Yes, they may end up out of business because of that price jump, but you
>>> should not neglect the fact that trust is for sale here.
>> The CA model is fundamentally flawed in the fact that you have CAs
>> whose sole "trustworthiness" is the fact that they paid for an audit
>> (for Microsoft, lower requirements for others), they then issue
>> intermediate certificates to other companies (many web hosts and other
>> minor companies have them) whose sole "trustworthiness" is the fact
>> that they paid for an intermediate certificate, all of those
>> companies/organisations/people are then considered trustworthy enough
>> to confirm the identity of my web server despite the fact that none of
>> them have any connection at all to me or my website.
>> There is already a chain of trust down the DNS tree, if that is
>> compromised then my SSL is already compromised (if they control my
>> domain, they can "verify" they are me and get a certificate), what
>> happened to RFC4398 and other such proposals? EV certificates have a
>> different status and probably still need the CA model, however with
>> "standard" SSL certificates the only validation done these days is
>> checking someone has control over the domain. DNSSEC deployment is
>> advanced enough now to do that automatically at the client. We just
>> need browsers to start checking for certificates in DNS when making a
>> HTTPS connection (and if one is found do client side DNSSEC validation
>> - I don't trust my ISPs DNS servers to validate something like that,
>> considering they are the ones likely to be intercepting my connections
>> in the first place!).
>> It will take a while to get updated browsers rolled out to enough
>> users for it do be practical to start using DNS based self-signed
>> certificated instead of CA-Signed certificates, so why don't any
>> browsers have support yet? are any of them working on it?
>> - Mike

More information about the NANOG mailing list