
Re: [tor-talk] How much of SSL CA protected traffic is read by NSA etc. according to...?

> Note that they'd really only need command of *one* CA that is trusted to pull it off (see also the trick that corporate web appliances use to transparently intercept SSL) .. although that would make them likely to get caught at it. 

Google at least checks the root certificate that Google provides and ensures it's correct:

"Subsequently, a certificate for *.google.com which was issued by their Root CA was found in the wild, and reported by an astute user who was using Chrome as his browser. Chrome has extra checks built in for accessing Google sites, and displayed a warning to the user."

So my feeling is you'd need to compromise the actual certificate for Google and can't rely on having an arbitrary root certificate. 

In any case, they don't need to compromise a root CA. They already have one in your browser I think. There are various US government agencies in there I think.

The larger point here is that root CAs are too powerful. I might trust a CA for .mil but I shouldn't have to then trust them for everything. The military might have the reverse view on who should be able to sign .mil

We need to have a serious discussion about whether all the root CAs can be trusted for literally everything. 

Also maybe domains can be multi-signed so I can say well I trust that root but not some others. 

Web certificates are broken; certification itself might not be fundamentally flawed.

Just a few thoughts... 

Philip Whitehouse
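
Added example, not part of the original post: a small Python model of the three ideas raised in the message above (extra checks for specific sites, roots trusted only for some domains, and multi-signed domains). The root names, the `accept` function and the sample trust store are hypothetical, and signature verification of the chain is assumed to have happened already.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Root:
    name: str
    scopes: tuple  # DNS suffixes this root may vouch for; "" means everything

def in_scope(host, scope):
    """Suffix match on label boundaries: 'mil' covers 'army.mil', not 'evilmil'."""
    host, scope = host.lower().rstrip("."), scope.lower().strip(".")
    return scope == "" or host == scope or host.endswith("." + scope)

def accept(host, signers, trust, pins=None, quorum=1):
    """Decide whether a certificate for `host` should be accepted.

    signers: names of roots whose signatures on the chain already verified
    trust:   {name: Root}, the local store with a scope per root
    pins:    {domain: set of root names}, the only roots allowed for that domain
    quorum:  number of distinct in-scope roots required (multi-signing)
    """
    allowed = set()
    for name in set(signers):
        root = trust.get(name)
        if root and any(in_scope(host, s) for s in root.scopes):
            allowed.add(name)
    # A pin narrows the allowed set even when the signer is otherwise trusted.
    for domain, pinned in (pins or {}).items():
        if in_scope(host, domain):
            allowed &= pinned
    return len(allowed) >= quorum

# Constructed sample store: two unrestricted roots and one limited to .mil
TRUST = {
    "PinnedRootA": Root("PinnedRootA", ("",)),
    "OtherRootB": Root("OtherRootB", ("",)),
    "MilRootC": Root("MilRootC", ("mil",)),
}
PINS = {"google.com": {"PinnedRootA"}}

if __name__ == "__main__":
    cases = [
        ("mail.google.com", ["OtherRootB"], 1),   # trusted root, but not the pinned one
        ("mail.google.com", ["PinnedRootA"], 1),
        ("army.mil", ["MilRootC"], 1),
        ("example.org", ["MilRootC"], 1),         # root used outside its scope
        ("example.org", ["PinnedRootA", "OtherRootB"], 2),
    ]
    for host, signers, quorum in cases:
        verdict = accept(host, signers, TRUST, PINS, quorum)
        print(f"{host:16} {signers} quorum={quorum} -> {verdict}")
```

In deployed X.509 the closest existing mechanism for the scoped-root idea is the name constraints extension, which a CA certificate can carry to limit the names it may issue for.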
