SSL Certificates
Jimmy Hess
mysidia at gmail.com
Thu Feb 16 06:57:25 UTC 2012
On Wed, Feb 15, 2012 at 6:49 PM, George Herbert
<george.herbert at gmail.com> wrote:
> On Wed, Feb 15, 2012 at 4:17 PM, John Levine <johnl at iecc.com> wrote:
> The problem with anything related to Verisign at the moment is that
> The possibility of their root certs being compromised is nonzero.
The possibility of _ANY_ CA's root certs having been compromised is non-zero.
There's no evidence published to indicate Verisign's CA key has been
compromised,
and it's highly unlikely.
Just as there's no evidence of other CAs' root certificate keys being
compromised.
> There may be no problem; they also may be completely worthless. Until
> there's full disclosure...
[snip]
They are not completely worthless until revoked, or distrusted by web browsers.
There is a risk that any CA issued SSL certificate signed by _any_ CA
may be worthless some time in the future, if the CA chosen is later
found to have issued sufficient quantities fraudulent certificates,
and sufficiently failed in their duties.
I suppose if you buy a SSL certificate, you should be looking for
your CA to have insurance to reimburse the cost of the certificate
should that happen, and an ironclad "refund" clause in the
agreement/contract under which a SSL cert is issued
E.g. A guarantee such that the CA will refund the complete
certification fee, or pay for the replacement of the SSL certificate
with a new valid certificate issued by another fully trusted CA,
and compensate for any tangible loss, resulting from the CA's
signing certificate being marked as untrusted by major browsers,
revoked, or removed from major browsers' trust list, due to any
failure on the CA's part or compromise of their systems, resulting in
loss of trust.
--
-JH
More information about the NANOG
mailing list