On 09/07/2013 04:20 PM, Phillip Hallam-Baker wrote:

> Before you make silly accusations go read the VeriSign Certificate Practices 
> Statement and then work out how many people it takes to gain access to one of 
> the roots.
>
> The Key Ceremonies are all videotaped from start to finish and the auditors 
> have reviewed at least some of the ceremonies. So while it is not beyond the 
> realms of possibility that such a large number of people were suborned, I think 
> it drastically unlikely.
>
> Add to which Jim Bidzos is not exactly known for being well disposed to the NSA 
> or key escrow.
>
> Hacking CAs is a poor approach because it is a very visible attack. Certificate 
> Transparency is merely automating and generalizing controls that already exist.
>
> But we can certainly add them to S/MIME, why not.

VeriSign is one single certificate authority.  There are many, many more 
certificate authorities spread across the world, and unless you can guarantee 
an air-gapped network with tightly constrained physical security controls and a 
secret videotaped bohemian ceremony such as the one you reference above at each 
and every one of those CAs, then maybe it's not such a "silly accusation" to 
think that root CAs are routinely distributed to multinational secret services 
to perform MITM session decryption on any form of communication that derives 
its security from the CA PKI.

To wit:  "...Mozilla maintains a list of at least 57 trusted root CAs, though 
multiple commercial CAs or their resellers may share the same trusted root)." 

Another relevant read:  

The cryptography mailing list
