Re: [therightkey] DNSNMC deprecates Certificate Authorities and fixes HTTPS security

Jacob Appelbaum <jacob@appelbaum.net> Mon, 23 December 2013 18:33 UTC

Return-Path: <jacob@appelbaum.net>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DB991AE23A for <therightkey@ietfa.amsl.com>; Mon, 23 Dec 2013 10:33:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.099
X-Spam-Level: **
X-Spam-Status: No, score=2.099 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FSL_HELO_BARE_IP_2=1.999, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q8DkoBBJ0HbU for <therightkey@ietfa.amsl.com>; Mon, 23 Dec 2013 10:33:37 -0800 (PST)
Received: from mail-wi0-f179.google.com (mail-wi0-f179.google.com [209.85.212.179]) by ietfa.amsl.com (Postfix) with ESMTP id 29C6D1AE234 for <therightkey@ietf.org>; Mon, 23 Dec 2013 10:33:36 -0800 (PST)
Received: by mail-wi0-f179.google.com with SMTP id z2so6517882wiv.6 for <therightkey@ietf.org>; Mon, 23 Dec 2013 10:33:33 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:mime-version:to:subject :references:in-reply-to:openpgp:content-type :content-transfer-encoding; bh=lTmPon5ycHArp89IXpl+ESm1xkj66DBc0+ees7QaTMA=; b=Ht6Owmfe2iKumpetXtiJwNG5BXLdeoL5cGdi6SCvWUEuC/h4ZYGa0gbRZlKVO4cR2y 6jyz2Wcn6lcEGmctwXNo7aLnqynM4PGqdqMvUNqJ6opw0ZiCtu6lZV3QdUJLJI3r9ST8 rpR/yRIpBnZbcNZH4ZLZYyJS3xZrieto5+6m8xHPRr4/VWNf5qLB1PTNrbPcv7ennTQg Ozer6u0yhNfgi1d5spDQi575ZX8IY30MYCT9c7uJoRlacjaM0HDhhNOx4bHKOHBnugIp XzuwE/OCnoxrHawp87nqA/VUVAD5K72DdM55Lp2YzmPGwyBB5jJ61p7ymXxU4vBWF+hC Xt6g==
X-Gm-Message-State: ALoCoQk7fU7ImTFy5e5qlPmzr40lb/kLue0YWjv/7KWzWDmk9XSBTDb8eenJuNhJJdx0I1nQ7Fl4
X-Received: by 10.180.11.105 with SMTP id p9mr14115506wib.42.1387823613116; Mon, 23 Dec 2013 10:33:33 -0800 (PST)
Received: from 127.0.0.1 (chomsky.torservers.net. [77.247.181.162]) by mx.google.com with ESMTPSA id r10sm10585244wje.10.2013.12.23.10.33.28 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 23 Dec 2013 10:33:32 -0800 (PST)
Message-ID: <52B88104.9040607@appelbaum.net>
Date: Mon, 23 Dec 2013 18:29:24 +0000
From: Jacob Appelbaum <jacob@appelbaum.net>
MIME-Version: 1.0
To: therightkey@ietf.org, Seth David Schoen <schoen@eff.org>
References: <22429D73-4EFC-4091-8F5B-BAD38968EA54@taoeffect.com> <CAMm+LwiMXdEnHqD0y_S-fP6081Tk=A=7-9LsJQhRuawmmmfdTg@mail.gmail.com> <FEFA307D-97E0-4C58-AB43-5B9AB8E8FC70@taoeffect.com> <CAMm+Lwjwww28tV_qvqQVH3xo1xqvjb6z++258+LOqgxWn-Oh9w@mail.gmail.com>
In-Reply-To: <CAMm+Lwjwww28tV_qvqQVH3xo1xqvjb6z++258+LOqgxWn-Oh9w@mail.gmail.com>
OpenPGP: id=4193A197
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [therightkey] DNSNMC deprecates Certificate Authorities and fixes HTTPS security
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Dec 2013 18:33:39 -0000

Phillip Hallam-Baker:
> On Sun, Dec 15, 2013 at 8:50 PM, Tao Effect <contact@taoeffect.com>; wrote:
> 
>> And for someone who is accusing others of being 'fraudulent', not a good
>> move to start off repeating figures already exposed as bogus like the oft
>> repeated but still untrue claim of 600 CAs.
>>
>>
>> I thought the EFF was a reputable source.
>>
>> There has been no update or correction to their post:
>> https://www.eff.org/deeplinks/2011/10/how-secure-https-today
>>
> 
> Which kind of calls their credibility into question.

No, I don't think so, actually.

> HALF the 'CAs' in
> their graph are from the DFN root. You can check that out for yourself, it
> is a German CA that issues certs to higher education institutions. As has
> been demonstrated (and agreed by the EFF people), DFN do not sign certs for
> key signing keys they do not hold.

Their count isn't off simply because you want to reduce a large number
of keys into a single entity.

> 
> You can't calculate the number of CAs the way the EFF tried to. An
> intermediate certificate does not equate to a CA. Pretending it does to
> peddle an alternative PKI scheme calls into question their veracity.
> 

I disagree strongly. I have an intermediate certificate. I am as
powerful CA as a result.

Please also see these estimates which are even higher:

https://zakird.com/slides/durumeric-https-imc13.pdf

"Identified 1,832 CA certificates  belonging to 683 organizations"
"311 (45%) of the organizations were provided certificates by
German National Research and Education Network (DFN) "

http://link.springer.com/chapter/10.1007%2F978-3-642-39884-1_28

"More than 1200 root and intermediate CAs can currently sign
certificates for any domain and be trusted by popular browsers."

> I have tried to get members of the EFF board to look into this but they
> never get back. Too much trouble to get it right.

I've cc'ed Seth Schoen from the EFF - I'd be surprised if he had no
response.

Later you said:

> 1) Failing to examine the issue when the DFN root accounted for half of the
> purported '600 CAs'
> 

Other estimates appear to be much higher than the EFF count. What is
your qualification for what counts as a CA? For example - Debian
GNU/Linux ships with one set of ca-certificates, Chrome on Windows ships
with another, heck Microsoft even adds new CA certs dynamically, right?
So what is your metric exactly?

> 2) Continuing to count the DFN as 300 CAs when they know it is one.

The number matters because it isn't just an issue of control over a
single signing key. I'd be interested to hear how many of those
CAs/sub-CAs are able to sign leaf certificates.


All the best,
Jacob