ianG <[email protected]> writes:

>Wifebeating syndrome :) I was aware of the claim of MITMing, but nobody
>offered proof and it sort of faded away under the cover of NDAs.
You do need to distinguish between CAs issuing sub-CA certs (not for MITM but for businesses who need them) and DPI MITM certs. It's the sub-CA certs that have been around for a decade or more; the MITM certs are a lot newer, and I'm not sure that the CAs know if, or that, they're being used for this.

For example, a legitimate reason for having a sub-CA is that you want to secure your servers but don't want to reveal to a third party your entire internal corporate infrastructure. So you buy a sub-CA cert and issue your own internal-use-only certs off it, and you don't have to tell anyone what you're doing.

Or you may need 10,000 different certs a year, every year, and it's not possible to do that via an interface designed for one cert at a time, so you need to run your own CA to handle the volume and diversity.

A variation of this is that you act as an RA for the public CA, so you forward gimme-a-cert requests on to the public CA with the understanding that you've checked that they're legit. That Comodo reseller that got compromised seems to have been one of these, except that they sold to the public rather than being for corporate-internal use only.

There's a million reasons why you'd need to do this sort of thing, and most of them are legitimate business needs, so it's not as if this is some arbitrary ill-considered decision; it meets a legitimate need. The problem is caused (again) by the browser PKI model: if you don't have your cert chaining to one of a small set of browser-vendor-blessed CAs then you've DoSed your own servers/sites/whatever. However, you may not be in a position to buy certs from public CAs, so the solution is to buy the CA capabilities that allow you to deal with this yourself.

Following conventional PKI thinking, should you misbehave (certs for google.com suddenly turn up issued by your sub-CA) then your sub-CA cert gets revoked, you lose your 5-6 digit license fee, and possibly the CA gets to beat you over the head with lawyers.
So there's really no problem. Oh, except for the fact that revocation doesn't work and in any case no-one checks to see what you're up to. But on paper everything's OK.

Peter.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
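The post's closing point is that nobody checks what a sub-CA actually issues. The following is an added example (not code from the post or from any CA or vendor it mentions) of the check a relying party or the parent CA could run: it takes the dNSName constraints a sub-CA was sold with and audits a log of issued certificates against them, using the RFC 5280 section 4.2.1.10 matching rule (a name satisfies a constraint when it equals it or adds labels on the left). The sub-CA name, the permitted and excluded subtrees and the issuance records are all constructed for the example; a real audit would read them from the sub-CA's NameConstraints extension and from CT logs or the CA's own issuance database.

```python
"""Audit a constrained sub-CA's issuance log against its permitted name space.

Added example: the CA name, constraints and issuance records below are
constructed for illustration and do not describe any real CA.
"""
from dataclasses import dataclass, field


def dns_name_within(name: str, constraint: str) -> bool:
    """RFC 5280 s4.2.1.10 dNSName matching.

    The name satisfies the constraint if it is equal to it or can be formed by
    adding zero or more labels to the left of it. Comparison is case-insensitive
    and a leading dot on the constraint (a common non-RFC spelling) is tolerated.
    """
    n = name.lower().rstrip(".")
    c = constraint.lower().lstrip(".").rstrip(".")
    if n == c:
        return True
    return n.endswith("." + c)


@dataclass
class IssuedCert:
    serial: str
    issuer: str
    dns_names: list


@dataclass
class SubCA:
    name: str
    permitted: list                      # permittedSubtrees dNSName entries
    excluded: list = field(default_factory=list)  # excludedSubtrees entries


def violations(ca: SubCA, records):
    """Return (serial, dns_name, reason) for every SAN issued by `ca` that falls
    outside its permitted subtrees or inside an excluded one. Certificates from
    other issuers are ignored; this audits one sub-CA at a time."""
    out = []
    for rec in records:
        if rec.issuer != ca.name:
            continue
        for dns in rec.dns_names:
            if ca.permitted and not any(dns_name_within(dns, p) for p in ca.permitted):
                out.append((rec.serial, dns, "outside permitted subtrees"))
            elif any(dns_name_within(dns, e) for e in ca.excluded):
                out.append((rec.serial, dns, "inside excluded subtree"))
    return out


# Constructed sub-CA: sold to a company for its internal namespace and one
# public domain, with a cardholder-data zone carved out of the permitted space.
INTERNAL_CA = SubCA(
    name="CN=Example Corp Internal CA",
    permitted=["corp.example.internal", "example.com"],
    excluded=["pci.corp.example.internal"],
)

# Constructed issuance log, as it might be pulled from CT or the CA database.
ISSUANCE_LOG = [
    IssuedCert("01", "CN=Example Corp Internal CA", ["vpn.corp.example.internal"]),
    IssuedCert("02", "CN=Example Corp Internal CA", ["www.example.com", "mail.example.com"]),
    IssuedCert("03", "CN=Example Corp Internal CA", ["www.google.com"]),
    IssuedCert("04", "CN=Example Corp Internal CA", ["db.pci.corp.example.internal"]),
    IssuedCert("05", "CN=Example Corp Internal CA", ["badexample.com"]),
    IssuedCert("06", "CN=Some Other CA", ["www.google.com"]),  # not ours, skipped
]


def audit_example():
    """Run the audit over the constructed log and return the findings."""
    return violations(INTERNAL_CA, ISSUANCE_LOG)


if __name__ == "__main__":
    for serial, dns, reason in audit_example():
        print(f"serial {serial}: {dns} is {reason}")
```

Serial 03 is the "certs for google.com suddenly turn up" case from the post, serial 05 shows why suffix matching must anchor on a label boundary (`badexample.com` is not under `example.com`), and serial 04 shows the excluded-subtree check. The same function applied to the sub-CA's own NameConstraints is also what a client would enforce at chain-validation time, which is the technical control that makes the commercial "we'll revoke you" threat unnecessary for names the sub-CA was never allowed to issue.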
