Re: [TLS] Eleven out of every ten SSL certs aren't valid

[Martin Rex <mrex@sap.com>]

What I entirely forgot to mention:

Thank you Ivan for setting up this SSL Test as a publicly accessible service!
It is a really neat tool and collects a lot of quite useful information.

(Unsurprisingly, I don't agree with _some_ of the scoring/conclusions).

aerowolf@gmail.com wrote:
> 
> On Tue, Jun 29, 2010 at 7:38 AM, Martin Rex <mrex@sap.com> wrote:
> >
> > It is simply impossible to come up with meaningful numbers if
> > you starting point is DNS-records and accessible hosts.
> 
> Out of curiosity, where would you suggest that the starting
> point for meaningful numbers be?


The conclusion that only 3.17% of the SSL-Servers out there show
valid SSL certificates does _not_ match reality, so the collected
data clearly does not provide a ground for some of the conclusions
that have been drawn.

Drawing conclusions about the SSL-Servers that present an "acceptable"
certificate is less of a problem, but making any assessments about
hosts where the Servers cert does not match without any proof that
this is not what the _owner_ of that host intended amounts to
wild guessing.  Making assumptions what the owner might have or
should have intended is just wrong.  In many cases, if you looked at
the contents of the served pages, you might realize that their
either is no Web-Server (configured) behind the requested hostname
at all, or it might be a different hostname than what you expected.


DNS is not a database of Web-Servers, much less a database of
TLS-enabled Web-Servers.  While there is a certain likelyhood
that a DNS entry called "www.f.q.d.n" points to a (HTTP) Web-Server,
the assumption that this Web Server could be reached via HTTPS on
port 443 is obviously flawed (as indicated by the 3.17% success rate).


SSL server certificates that Web browsers will trust out-of-the-box
is first of all a CA business model, since SSL server certificates
cost a significant and yearly recurring fee -- a fee that often
exceeds the yearly fee of the web-hosting plus domain name
for some of the hosters.  Virtual Webhosting is one of the reasons
why you can get it fairly cheap.   In face of the depletion of
IPv4 address space, the amount of virtual (http) hosting is
probably increasing every day. 


It has been previously mentioned by others: the importance of the
SSL Server cert being issued by one of the CAs that is distributed
as pre-trusted with Web-Brosers is largely overestimated.  Every day
I stumble over new reasons just how broken that trust anchor
distribution scheme is.

One of the CAs has started moving to a 2048 RSA-cert (still sha1 though)
last year, and the X.509v3 self-signed cert that is distributed with
browsers contains several X.509v3 extensions such as extendedKeyUsage
and subject/authorityKeyIdentifiers -- but it LACKS the basic Constraints
(allowed to act as a CA marked criticial) -- which is why our OEM
PKI software rejects certificate chains with that cert at the end.  
I mean this is an obvious clear defect, but Browsers such as MSIE,
Firefox and Opera ship more than one defective cert as pre-trusted.


-Martin