Fake Google subdomain certificates found in the wild




The hierarchical nature of the certificate signing is a major vulnerability, as demonstrated over and over.

Rough thought. Can the fingerprints of the certificates be signed by e.g. GnuPG, adding web-of-trust mechanism in parallel to the hierarchical one?

An improvised implementation for HTTPS can be done via a detached signature, stored in a file with defined location (e.g. /certsign.gpg ?) This can be implemented as e.g. a browser extension that fetches the file, checks the signatures, and shows an icon displaying the results and optionally showing the entire web-of-trust on click.

Another possibility is crowdsourcing the fingerprints; having some server/service that the browsers connect to when contacting a HTTPS domain, and checking the fingerprint and certificate history.

Both methods are independent on the signing hierarchy, are complementary, and can work for self-signed certificates as well.


isn't SSL already based on a web of trust? it's just a certain group are considered "super trustworthy" and charge people to sign their certs. this one for instance has that google trusts microsoft trusts this indian company, and these companies trust that indian company. the issue here is that there is a hole in the web of trust.

could be wrong...


SSL is not based on a web, it's a tree. In a web, you can compromise a point or more and the compromise will be local, or entirely contained if the other signatures on multiply-signed signature (heh) are not compromised; the discrepancies will then show like a sore thumb. In a tree, you compromise the top and everything is gone; you compromise a point lower and the entire branch is gone.

With web-of-trust you have other issues, but you have a good chance to meet a local cypherpunk in e.g. a hackerspace or at a conference or at a dedicated keysigning party, and be a step or two or at most three from the most important signatures. Seeing that such key is in the list of the signatures on the certificate, and the key is not revoked, is a trust booster; seeing there a key signed by that key is a bit less of such trust booster but still good. And so on.

These things are tricky.


This topic was automatically closed after 5 days. New replies are no longer allowed.