Wednesday, October 5, 2016

The flipside of cross-signing

The Chinese certificate authority WoSign used shady practices when issuing certificates. To make things worse, it acquired the Israeli company StartSSL and reportedly moved it onto WoSign's infrastructure. And that infrastructure was either misconfigured or intentionally abused - we can only guess now.

Now, Apple has removed WoSign's root certificate from its trusted roots. However, WoSign's CA certificate is also cross-signed by two other CAs, and each of those signatures gives WoSign's CA a trusted path of its own. Without explicitly blocking this CA certificate, neither Apple nor any other software vendor can effectively prevent abuse of the PKI infrastructure once cross-signing is in play: removing the root only closes one of the trust paths.

I was a proponent of the approach that certificates must be signed by more than one CA. This makes the system harder to compromise. But the cross-signatures must be validated using logical AND, not logical OR. One must require all three trust paths to remain valid, rather than accept any one of the signatures, as happened in the case above.
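As an added illustration (not from the original post), here is a toy Python model of chain building with constructed sample certificates: a CA name signed by its own root and by two cross-signers. It shows why removing only the root leaves OR-style validation intact, why an explicit block of the CA certificate works, and how the AND policy proposed above revokes the CA as soon as one of its trust paths is withdrawn. All names are constructed; real verifiers check signatures and fingerprints, not issuer names.

```python
# Toy model of X.509 chain building over a cross-signed CA. Constructed sample
# data; signature checks are replaced by issuer-name matching, which is enough
# to show the trust logic (real verifiers block by certificate/SPKI fingerprint).
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str  # issuer == subject means a self-signed root

# One leaf; the "WoSign CA" name is signed by its own root and by two cross-signers.
LEAF = Cert("example.test", "WoSign CA")
POOL = [
    Cert("WoSign CA", "WoSign CA"),          # WoSign's own root
    Cert("WoSign CA", "CrossSigner A"),      # cross-signed CA certificate
    Cert("WoSign CA", "CrossSigner B"),      # second cross-signature
    Cert("CrossSigner A", "CrossSigner A"),
    Cert("CrossSigner B", "CrossSigner B"),
]

def find_chains(cert, pool):
    """Return every path from cert up to a self-signed certificate."""
    if cert.subject == cert.issuer:
        return [[cert]]
    chains = []
    for cand in pool:
        if cand.subject == cert.issuer:
            rest = [c for c in pool if c is not cand]
            chains += [[cert] + tail for tail in find_chains(cand, rest)]
    return chains

def validate_or(chains, trusted_roots, blocked=frozenset()):
    """Current behaviour: ANY chain ending in a trusted root suffices, unless a
    CA certificate on the chain is explicitly blocked."""
    return any(ch[-1].subject in trusted_roots
               and not any(c.subject in blocked for c in ch[1:])
               for ch in chains)

def validate_and(chains, trusted_roots):
    """Post's proposal: every signature path of the CA must still be trusted."""
    return bool(chains) and all(ch[-1].subject in trusted_roots for ch in chains)

def demo():
    chains = find_chains(LEAF, POOL)
    full = {"WoSign CA", "CrossSigner A", "CrossSigner B"}
    pruned = full - {"WoSign CA"}  # root removed from the trust store, as Apple did
    return {"chains": len(chains),
            "or_after_removal": validate_or(chains, pruned),
            "or_with_block": validate_or(chains, pruned, {"WoSign CA"}),
            "and_after_removal": validate_and(chains, pruned)}
```

With all three roots trusted both policies accept the leaf; after the root is dropped, only an explicit block (OR) or the AND policy rejects it.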

I wonder how many security breaches must happen before the industry starts moving in the direction of requiring more than one valid signature on each certificate (or at least on CA certificates).

And I am afraid that unless such a requirement is written into standards, we'll see vendors going in all directions, implementing incompatible, if not mutually exclusive, approaches to strengthening PKI.

Full story here.
