Russia attempts mandating installation of root CA on clients for TLS MITM

Masataka Ohta mohta at
Sun Mar 13 15:18:39 UTC 2022

Sean Donelan wrote:

> You'll notice there still isn't a CA trust list for use in the USG :-)

It merely means that PKI does not have its own security and relies
on trust for all the CAs (not only the root ones), which means PKI
is as secure as the plain Internet, which is secure if all the ISPs
are TPPs (trusted third parties).

If you can assume all the CAs are TPPs, you can also assume all the
ISPs are TPPs.

> About 95% of the TLS certificates globally are ultimately signed by about
> six CA organizations depending how you track ownership. (I know, 
> multiple "abouts" in that sentence).  The long tail of global business, 
> means most operating systems ship (or after the installation autoupdate) 
> with 100+ trusted certificate authorities by default.

The number of blindly trusted root CAs is irrelevant because PKI
with just one not-so-trustworthy root CA is bad enough.

PKI is just insecure.

							Masataka Ohta

More information about the NANOG mailing list