Microsoft deems all DigiNotar certificates untrustworthy, releases

Joe Greco jgreco at
Mon Sep 12 11:52:50 UTC 2011

> > I think that it's hard to cope with SSL.  It doesn't do the right things
> > for the right reasons.  Many of us, for example, operate local root CA's
> > for signing of "internal" stuff; all our company gear trusts our local
> > root CA and lots of stuff has certs issued by it.  In an ideal world,
> > this would mean that our gear talking to our gear is always secure, but
> > with other root CA's able to offer certs for our CN's, that isn't really
> > true.  That's frustrating.
> You don't have to have the big fat Mozilla root cert bundle on your
> machines.  Some OSes "ship" with an empty /etc/ssl, nobody tells you who
> you trust.

You don't have to have a web browser on your machines, either.  Also
solves the problem FSVO "solves."

Users don't really want to figure out SSL, and we shouldn't *want* them
to have to figure out SSL.  When your grandfolks (or parents or whatever)
connect up to the Internet with a PC, they just sort of expect that things
will work.  We should have found a way to make that happen - instead we
gave them SSL.  :-)

> > The reality is that - for the average user -  SSL doesn't work well 
> > unless about 99% of the CA's used by the general public are included 
> > as "trusted."  If a popular site like Blooble has a cert by DigiNotar
> > and the Firerox browser is constantly asking what to do, nothing really
> > good comes out of that ...  either people think Firerox blows, or they
> > learn to click on the "ignore this" (or worse the "always trust this")
> > button.  In about 0.0% of the cases do they actually understand the
> > underlying trust issues.  So there's a great amount of pressure to
> > just make it magically work.
> How about a TXT record with the CN string of the CA cert subject in it?
> If it exists and there's a conflict, don't trust it.  Seems simple
> enough to implement without too much collateral damage.

I don't know.  It may have some potential.

> > However, as the number of CA's accepted in most browsers increases, 
> > the security of the system as a whole decreases dramatically.  Yet
> > the market for $1000/year SSL certs is rather low, and the guys that
> > are charging bargain rates for low quality certs are perhaps doing
> > one good thing (enabling encryption) while simultaneously doing another
> > bad thing (destroying any "quality" in the system).  SSL is going to
> > have these problems as long as we maintain the current model.
> I like the added "chrome" that the new browsers have for EV certs, but
> users need to be stabbed in the face, green vs. blue doesn't really do
> it.

Perhaps what we need is to stab some Internet folks in the face too,
though, for allowing the perpetuation of Much Badness(tm).  We might
really be better off, for example, if we could get a ".bank" TLD that
was operated in a rational manner, where only the bank's proper name
was registered, all websites had to run as subdomains, and SSL certs
for .bank could only be issued by ... well maybe even just one CA, or
at most two or three.

I mean, there's still so much wrong with that model too, but it has
some more-correct things built into it.

> > In the long run, I expect all the CA's to behave something like this -
> > especially the ones that have more to lose if they were to become
> > suddenly "untrustworthy." 
> Yes, how do you think Verisign/Thawte/Symantec would behave if they
> found that their keys were compromised?  They might do the right thing,
> because they're not stupid enough to think they could get away with
> trying to cover it up. 

Wow, you're ... pleasantly naive? (not meant as an insult AT ALL!)  Or 
maybe I'm just hopelessly cynical.  But I do see that as naive; I expect
that at a minimum the spin machine would be running at full tilt and
it would be downplayed as much as possible.

> What would the browser vendors do in that case?

Interesting question.

> I hope there's a contingency plan, and if there is it seems like it
> should be made public.

Okay.  :-)

... JG
Joe Greco - Network Services - Milwaukee, WI -
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
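
The TXT-record check proposed in the quoted reply above, sketched as an added example that is not part of the original message or of any browser's code. The `ca-cn=` record prefix, the fail-closed handling of a failed lookup, and the sample zone data are all assumptions made for illustration.

```python
from enum import Enum

# Hypothetical tag so unrelated TXT records (SPF etc.) are ignored.
PREFIX = "ca-cn="

class Verdict(Enum):
    NO_POLICY = "no CA published; fall back to normal chain validation"
    MATCH = "issuer CN is one the domain published"
    CONFLICT = "issuer CN is not one the domain published; do not trust"
    LOOKUP_FAILED = "policy could not be fetched; treat as untrusted"

def normalize(cn):
    """Collapse whitespace and case so cosmetic differences do not matter."""
    return " ".join(cn.split()).casefold()

def allowed_cns(txt_records):
    """Extract the CA subject CNs a domain has published in TXT records."""
    found = set()
    for record in txt_records:
        record = record.strip()
        if record.casefold().startswith(PREFIX):
            cn = normalize(record[len(PREFIX):])
            if cn:                      # skip an empty "ca-cn=" record
                found.add(cn)
    return found

def check_issuer(issuer_cn, txt_records):
    """txt_records is a list of TXT strings, or None if the lookup failed."""
    if txt_records is None:
        # Assumption: fail closed, otherwise blocking DNS disables the check.
        return Verdict.LOOKUP_FAILED
    allowed = allowed_cns(txt_records)
    if not allowed:
        return Verdict.NO_POLICY
    if normalize(issuer_cn) in allowed:
        return Verdict.MATCH
    return Verdict.CONFLICT

# Constructed sample data standing in for real DNS answers.
SAMPLE_ZONE = {
    "intranet.example.com": ["v=spf1 -all", "ca-cn=Example Corp Internal Root CA"],
    "www.example.org": ["v=spf1 -all"],
}

def evaluate(host, issuer_cn, zone=SAMPLE_ZONE, reachable=True):
    """Look the host up in the sample zone and judge the presented issuer."""
    records = zone.get(host, []) if reachable else None
    return check_issuer(issuer_cn, records)

if __name__ == "__main__":
    for host, cn in [("intranet.example.com", "Example Corp Internal Root CA"),
                     ("intranet.example.com", "Some Public CA"),
                     ("www.example.org", "Some Public CA")]:
        print(host, "|", cn, "->", evaluate(host, cn).name)
```

The check is only as trustworthy as the DNS answer it reads, so it adds nothing against an attacker who can forge that answer as well as the certificate.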
