[144423] in North American Network Operators' Group
Re: Microsoft deems all DigiNotar certificates untrustworthy,
daemon@ATHENA.MIT.EDU (Jimmy Hess)
Sun Sep 11 19:02:59 2011
In-Reply-To: <CABSP1Ofnjj27TsA=U4zs7-tpU67pbysSVFygD=WYtJwyTXzDWw@mail.gmail.com>
Date: Sun, 11 Sep 2011 18:02:03 -0500
From: Jimmy Hess <mysidia@gmail.com>
To: Damian Menscher <damian@google.com>
Cc: NANOG mailing list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Sep 11, 2011 at 1:30 AM, Damian Menscher <damian@google.com> wrote:
> On Fri, Sep 9, 2011 at 11:33 PM, Jimmy Hess <mysidia@gmail.com> wrote:
> Because of that lost trust, any cross-signed cert would likely be revoked=
by
> the browsers. =A0It would also make the browser vendors question whether =
the
I am not engaging in speculation that DigiNotar plans to continue to
operate, they have already stated so much.
http://www.vasco.com/company/press_room/news_archive/2011/news_diginotar_re=
ports_security_incident.aspx
"VASCO does not expect that the DigiNotar security incident will have
a significant impact on the company=92s future revenue or business
plans."
So long as DigiNotar can show what they are required to show when they
would request
re-signing, and another CA can legitimately cross-sign their cert,
following that CA's official
correct certification practices; it's unlikely to lead to the signer
being revoked.
As far as we know, DigiNotar is not dead, it is just a really great
example showing how broken TLS security model is.
The trust model hard-coded into the protocol is much weaker than the
cryptography.
Since the browsers already approved that root CA's certification
practices. Particularly not
if the cross-signer is one of the larger CAs such as Thawte or Verisign =
---
the browser might as well remove SSL support altogether, if they will
perform a revokation
that renders 40% of internet web server SSL certs invalid.
--
-JH
