Re: [TLS] Eleven out of every ten SSL certs aren't valid
Bruno Harbulot <Bruno.Harbulot@manchester.ac.uk> Wed, 30 June 2010 00:01 UTC
Return-Path: <ietf-ietf-tls@m.gmane.org>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D617A3A6916 for <tls@core3.amsl.com>; Tue, 29 Jun 2010 17:01:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.001
X-Spam-Level:
X-Spam-Status: No, score=0.001 tagged_above=-999 required=5 tests=[BAYES_50=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fDdjPV2GInSR for <tls@core3.amsl.com>; Tue, 29 Jun 2010 17:01:19 -0700 (PDT)
Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by core3.amsl.com (Postfix) with ESMTP id 938763A686A for <tls@ietf.org>; Tue, 29 Jun 2010 17:01:19 -0700 (PDT)
Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from <ietf-ietf-tls@m.gmane.org>) id 1OTkk1-0004fD-Ms for tls@ietf.org; Wed, 30 Jun 2010 02:01:25 +0200
Received: from rain.gmane.org ([80.91.229.7]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <tls@ietf.org>; Wed, 30 Jun 2010 02:01:25 +0200
Received: from Bruno.Harbulot by rain.gmane.org with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <tls@ietf.org>; Wed, 30 Jun 2010 02:01:25 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: tls@ietf.org
From: Bruno Harbulot <Bruno.Harbulot@manchester.ac.uk>
Date: Wed, 30 Jun 2010 01:01:12 +0100
Lines: 128
Message-ID: <i0e1g9$t9k$1@dough.gmane.org>
References: <E1OTVaY-0004g3-OW@wintermute02.cs.auckland.ac.nz> <20100629163354.GR11785@oracle.com> <AANLkTim6sYWlPSRUwYHP4UfkUNkfiVQ7xbj28fF6fOmz@mail.gmail.com> <20100629193416.GU11785@oracle.com> <AANLkTilF3TZn4DcjTmoKrv3Zcp441oyvWp-E9aJmH5hF@mail.gmail.com> <20100629204614.GX11785@oracle.com> <AANLkTinByiAIx1Pg4khiXLPb9KMexp2UUoZB7ikLzd6f@mail.gmail.com> <AANLkTik5HjADIdqIy4vzQrkQmP4nEwVa0xJUQ-gmkJvT@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: rain.gmane.org
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.9) Gecko/20100317 Lightning/1.0b1 Thunderbird/3.0.4
In-Reply-To: <AANLkTik5HjADIdqIy4vzQrkQmP4nEwVa0xJUQ-gmkJvT@mail.gmail.com>
Subject: Re: [TLS] Eleven out of every ten SSL certs aren't valid
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Jun 2010 00:01:21 -0000
Hi, On 29/06/2010 22:15, Ivan Ristic wrote: > On Tue, Jun 29, 2010 at 10:10 PM, Tim Dierks<tim@dierks.org> wrote: >> On Tue, Jun 29, 2010 at 4:46 PM, Nicolas Williams >> <Nicolas.Williams@oracle.com> wrote: >>> >>> The context was just how awful it is that 97% of servers don't have >>> valid certs >> >> That is not what is being said. What is being said is that 97% of DNS names >> that point at SSL servers do not validate with those DNS names. This is, on >> its face, is a statement about DNS configuration, not about SSL servers. >> (Creating a thousand DNS names for the IP address of a single SSL server >> will change this stat, although the owner and operator of the SSL server >> need not be involved in any way.) Not even that, it's a flaw in the assumption that for each DNS name there will be an HTTPS server listing there. That's definitely not true. >> To learn anything interesting about SSL servers at all, more work must be >> done. > > Yes, of course. I am attaching some of the metrics I will be > collecting from the 720K domains that have potentially valid > certificates. That's the meat of my survey. > > It's too late to change the metrics now (I've started with the > collection), but the plan is to continue with the survey indefinitely. I suppose it depends on what you've collected, in particular whether you've kept some of the raw data before giving a "red F" with score 0 to a certificate. I think https://www.ssllabs.com/ssldb/ is a fairly neat tool. I've scanned a couple of machines I'm hosting, and it diagnosed a weak cipher suite on one of them, which I was able to correct. Thanks for that! However, I think there are two major problems with the study: - the fact it seems to propagate the myth that a cert from a big CA is necessarily a "safe" cert and vice versa. - the fact that it assumes that a domain name will have one IP address on its own or that servers all support SNI. 1. Non-major CAs -> score 0, regardless of the other indicators. We tend to rely on the UK e-Science CA [1] for a number of machines. Some of my machines with UK e-Science certs score like this: - Certificate: 0 (unknown CA) - Protocol Support: 85 - Key Exchange: 90 - Cipher Suites: 90 That would get a "green A" if the CA was recognised. Unfortunately, it's not known by the tool, so it's disqualified. That's a bit harsh, isn't it? To give you a bit of background, to get a certificate (server or client) with this CA, I've had to turn up in person to see one of the CA representatives and show an official photo ID. How many CAs that are trusted out of the box in major browsers require that? ... And for all that trouble, I only get a blue bar in my browser (when I've imported the CA cert, of course). Surely, that would be worth a green bar! I would expect a bit more care in the wording (especially with quite a graphic colour ranking) when it comes to these issues. The accompanying document explains a bit the problem, but probably not well enough. Non-experts, including journalists after some sensational piece of news would quite easily focus on the "big red F" on that webpage, not necessarily understanding that it's in fact meaningless out of context. Admittedly, I have much less experience than many other people on this list, but I still hope TLS experts understand that Big CAs and EV certificates are not the perfect solution for trust management. (There probably isn't one anyway.) 2. Host names. There are a number of shared web hosting providers that have a large number of host names hosted on the same IP address. (Typically, with VirtualHosts on Apache Httpd). Sometimes, these servers will also have something listening on port 443 for a specific host name (perhaps a common admin interface or something like that, maybe not even intended to be used by the admin in which case a self-signed certificate would be just fine.) I suspect that many domains never really intended to host content over HTTPS there. Drawing the conclusion that there ought to be an HTTPS server with a certificate with the host name that the tool is after (as opposed to the host name the user would have used) is quite a short-cut. This could be solved with SNI, but considering that SNI was only introduced in Apache Httpd (mainstream) in May 2009 [2], it's not really surprising that it's not widely deployed in production systems yet. The point is that, before testing whether a certificate is valid, you should check whether there is a validity test to be made, in particular whether someone said there would be an HTTPS server there. From what I understand, the collection of names was more or less made from the whois registry. Have you found an https URI for each an everyone of them? Did you add the "www" prefix by default? If no one has claimed there would be a "secure website" at that domain, why would you test that non-existent claim? The tool is a good idea, however, the conclusions are flawed (and the esecurityplanet.com article focusses on the bits that are wrong.) Best wishes, Bruno. [1] http://www.ngs.ac.uk/cacerts [2] http://svn.apache.org/viewvc?revision=776281&view=revision
- Re: [TLS] Eleven out of every ten SSL certs aren'… aerowolf
- [TLS] Eleven out of every ten SSL certs aren't va… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Martin Rex
- Re: [TLS] Eleven out of every ten SSL certs aren'… Adam Langley
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Tim Dierks
- Re: [TLS] Eleven out of every ten SSL certs aren'… Martin Rex
- Re: [TLS] Eleven out of every ten SSL certs aren'… Blumenthal, Uri - 0668 - MITLL
- Re: [TLS] Eleven out of every ten SSL certs aren'… Rob P Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Joshua Davies
- Re: [TLS] Eleven out of every ten SSL certs aren'… Yoav Nir
- Re: [TLS] Eleven out of every ten SSL certs aren'… aerowolf
- Re: [TLS] Eleven out of every ten SSL certs aren'… Rob P Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nikos Mavrogiannopoulos
- Re: [TLS] Eleven out of every ten SSL certs aren'… Bill Daskaluk
- Re: [TLS] Eleven out of every ten SSL certs aren'… Tim Dierks
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Marsh Ray
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Tim Dierks
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Tim Dierks
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Marsh Ray
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Marsh Ray
- Re: [TLS] Eleven out of every ten SSL certs aren'… aerowolf
- Re: [TLS] Eleven out of every ten SSL certs aren'… Jeffrey A. Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Bruno Harbulot
- Re: [TLS] Eleven out of every ten SSL certs aren'… Bill Frantz
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Bruno Harbulot
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Marsh Ray
- Re: [TLS] Eleven out of every ten SSL certs aren'… Ivan Ristic
- Re: [TLS] Eleven out of every ten SSL certs aren'… Florian Weimer
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Bruno Harbulot
- Re: [TLS] Eleven out of every ten SSL certs aren'… Blumenthal, Uri - 0668 - MITLL
- Re: [TLS] Eleven out of every ten SSL certs aren'… Martin Rex
- Re: [TLS] Eleven out of every ten SSL certs aren'… Steffen Schulz
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Martin Rex
- Re: [TLS] Eleven out of every ten SSL certs aren'… aerowolf
- Re: [TLS] Eleven out of every ten SSL certs aren'… aerowolf
- Re: [TLS] Eleven out of every ten SSL certs aren'… Marsh Ray
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Seth David Schoen
- Re: [TLS] Eleven out of every ten SSL certs aren'… Nicolas Williams
- Re: [TLS] Eleven out of every ten SSL certs aren'… Martin Rex
- Re: [TLS] Eleven out of every ten SSL certs aren'… Martin Rex
- Re: [TLS] Eleven out of every ten SSL certs aren'… =JeffH
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Steingruebl, Andy
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] Eleven out of every ten SSL certs aren'… Steingruebl, Andy
- [TLS] TLS, PKI, and web security. Was: Eleven out… Marsh Ray
- Re: [TLS] Eleven out of every ten SSL certs aren'… Peter Gutmann
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Peter Gutmann
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Marsh Ray
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Robert Relyea
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Bruno Harbulot
- Re: [TLS] TLS, PKI, Martin Rex
- Re: [TLS] TLS, PKI, Robert Relyea
- Re: [TLS] TLS, PKI, Marsh Ray
- Re: [TLS] TLS, PKI, Martin Rex
- Re: [TLS] TLS, PKI, Peter Gutmann
- Re: [TLS] TLS, PKI, Peter Gutmann
- Re: [TLS] TLS, PKI, Marsh Ray
- Re: [TLS] TLS, PKI, Bruno Harbulot
- Re: [TLS] TLS, PKI, Peter Gutmann
- Re: [TLS] TLS, PKI, Yoav Nir
- Re: [TLS] TLS, PKI, Yoav Nir
- Re: [TLS] TLS, PKI, Peter Gutmann
- Re: [TLS] TLS, PKI, Peter Gutmann
- Re: [TLS] TLS, PKI, Bruno Harbulot
- Re: [TLS] TLS, PKI, Robert Relyea
- Re: [TLS] TLS, PKI, Marsh Ray
- Re: [TLS] TLS, PKI, Martin Rex
- Re: [TLS] TLS, PKI, Steingruebl, Andy
- Re: [TLS] TLS, PKI, Kyle Hamilton
- Re: [TLS] TLS, PKI, Marsh Ray
- Re: [TLS] TLS, PKI, Peter Gutmann
- Re: [TLS] TLS, PKI, Bruno Harbulot
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Peter Gutmann
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Marsh Ray
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Peter Gutmann
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Ralph Holz
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Yoav Nir
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Nasko Oskov
- Re: [TLS] TLS, PKI, Martin Rex
- Re: [TLS] TLS, PKI, Martin Rex
- Re: [TLS] TLS, PKI, Peter Gutmann
- Re: [TLS] TLS, PKI, and web security. Was: Eleven… Kyle Hamilton