[191270] in North American Network Operators' Group

Re: Chinese root CA issues rogue/fake certificates

daemon@ATHENA.MIT.EDU (Royce Williams)
Wed Aug 31 14:46:23 2016

X-Original-To: nanog@nanog.org
In-Reply-To: <CA+E3k91eiwyykLV05fVL89Fd=USe-pzuhFRx4SFaCnuYMYskKA@mail.gmail.com>
From: Royce Williams <royce@techsolvency.com>
Date: Wed, 31 Aug 2016 10:45:48 -0800
To: Eric Kuhnke <eric.kuhnke@gmail.com>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

On Tue, Aug 30, 2016 at 9:11 PM, Royce Williams <royce@techsolvency.com> wrote:
> On Tue, Aug 30, 2016 at 8:38 PM, Eric Kuhnke <eric.kuhnke@gmail.com> wrote:
>>
>> http://www.percya.com/2016/08/chinese-ca-wosign-faces-revocation.html
>>
>> One of the largest Chinese root certificate authorities, WoSign, issued many
>> fake certificates due to a vulnerability.  WoSign's free certificate
>> service allowed its users to get a certificate for the base domain if they
>> were able to prove control of a subdomain. This means that if you can
>> control a subdomain of a major website, say percy.github.io, you're able to
>> obtain a certificate by WoSign for github.io, taking control over the
>> entire domain.
>
>
> And there is now strong circumstantial evidence that WoSign now owns -
> or at least, directly controls - StartCom:
>
> https://www.letsphish.org/?part=about
>
> There are mixed signals of incompetence and deliberate action here.

Hypothetically, it would be an interesting strategy for a CA to
publicly demonstrate this level of competence:

https://www.schrauger.com/the-story-of-how-wosign-gave-me-an-ssl-certificate-for-github-com

... while at the same time taking over another large install base like
StartSSL's (an install base fueled by offering free certs).

If one got caught doing something naughty, one could buy time by A)
playing the incompetence card a few times, and B) having a large
enough deployment that it becomes non-trivial for the browsers/OSes to
revoke you outright.

I'm oversimplifying, as I do not yet actually grok the WoSign <->
StartCom cert trust relationship - but the individual components are
... interesting.

Also, this is a cautionary tale about certificate diversity.

Because of relative issuer stability, orgs have had the luxury of
depending wholly on a single cert supplier. The risk/continuity folks
might want to model some "one of our major certificate issuers just
got globally revoked" scenarios - if they haven't already.

(Side note: compromises in the global trust ecosystem play a
fascinating part in Vinge's 2007 Hugo-winning "Rainbows End" - a great
read).

Royce
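As an added illustration of the validation flaw described in the quoted post (this is example code written for this page, not WoSign's or StartCom's code and not from the post): the flawed rule accepts proof of control over a subdomain as proof for its parent, while the hardened rule authorizes only the validated name and names beneath it and refuses public suffixes outright. PUBLIC_SUFFIXES is a constructed stand-in for the Public Suffix List.

```python
# Added example: domain-validation authorization checks for a CA's free-cert flow.
# Constructed, deliberately tiny stand-in for the Public Suffix List (github.io is
# listed there in reality, which is why percy.github.io must never authorize github.io).
PUBLIC_SUFFIXES = {"com", "io", "github.io"}


def labels(name):
    """Normalise a DNS name and split it into labels, e.g. 'A.B.' -> ['a', 'b']."""
    return name.lower().rstrip(".").split(".")


def is_subdomain_or_equal(candidate, base):
    """True if candidate == base or candidate sits beneath base in the DNS tree."""
    c, b = labels(candidate), labels(base)
    return len(c) >= len(b) and c[-len(b):] == b


def flawed_authorizes(validated, requested):
    """The flaw the post describes: control of a subdomain was treated as
    control of the base domain, so the check is satisfied in either direction."""
    return (is_subdomain_or_equal(requested, validated)
            or is_subdomain_or_equal(validated, requested))


def registrable_domain(name):
    """Longest public suffix plus one label (e.g. www.example.com -> example.com).
    Returns None when the name is itself a public suffix or matches none."""
    ls = labels(name)
    for i in range(len(ls)):
        if ".".join(ls[i:]) in PUBLIC_SUFFIXES:
            return None if i == 0 else ".".join(ls[i - 1:])
    return None


def hardened_authorizes(validated, requested):
    """Control of `validated` authorizes only that exact name and names beneath
    it; never a parent, and never a public suffix on either side."""
    if registrable_domain(validated) is None or registrable_domain(requested) is None:
        return False
    return is_subdomain_or_equal(requested, validated)


if __name__ == "__main__":
    # Constructed case from the post: proof of control over percy.github.io
    print(flawed_authorizes("percy.github.io", "github.io"))    # True  (the bug)
    print(hardened_authorizes("percy.github.io", "github.io"))  # False (fixed)
```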