Everything in PKI but the Kitchen Sink (in 30 minutes or less)
Jeremy Rowley
www.digicert.com +1 (801) 877-2100
Mar 28, 2015
Common Incorrect Assumptions
• The new gTLDs will break the internet!
• Certificate authorities (CAs) are completely unregulated.
• CAs haven’t changed since the 90s.
• Browsers don’t even check revocation anymore.
• All certificates are the same so the CA doesn’t matter.
• SSL is no longer secure!
CAs and RAs
• CAs generate “roots” and issue certificates
  • Public v. private CAs
  • Audit Criteria
  • Browser Requirements
  • Operations defined by CPS
  • About 65 public CA entities
• RAs verify identities
  • Multi-factor authentication
  • Audit Criteria
  • Operations defined by standards
• Pending Regulations/Standards
  • Qualified SSL Certificates
  • ISO update
  • NIST CP
Validation Standards
Low standard:
SSAC 085: The SSAC recommends that the ICANN community should seek to identify validation techniques that can be automated and to develop policies that incent the development and deployment of those techniques. The use of automated techniques may necessitate an initial investment but the long-term improvement in the quality and accuracy of registration data will be substantial.
Established standards:
• CA/Browser Forum
  • EV/OV/DV
  • Used by Browsers/Public CAs
• NIST
  • LOA1-LOA4
  • Used by government and healthcare
• Kantara
  • LOA1-LOA4
  • International Standards
• FBCA
  • Rudimentary, Basic, Medium, Medium Hardware, High
  • Used in government, aerospace, and healthcare
Validation Process
Domain Verification
• WHOIS
• Domain challenge
• Demonstration of control
Organization Verification
• Organization name and address
• Certificate authorization
• Verified contact
Extended Validation
• Jurisdiction of Incorporation
• Telephone and Place of Business
• Signing Authority
Other Attributes
• Membership in a community
• Credentials
Transactional Security
• Major industry improvements since 2006
  • Higher security standards
  • Better identity vetting process
• Minimum security requirements for trust
  • 2048
  • Move to SHA2
  • No compromised cipher suites/hash functions
  • Security standards
• Non-trusted certificate causes browser warnings
  • Chained to trusted root
  • Valid and unexpired
• Issues
  • Cookies
  • Publishing revocation information
  • Outdated domain information
Revocation Information
• All major browsers perform some level of certificate revocation checking
  • OCSP
  • CRL
  • CRL Sets
  • OCSP Stapling
• All SSL public CAs provide revocation information via OCSP
• Cache times vary by browser
  • Longest is 7 days
• OCSP stapling provides OCSP response with the certificate
  • Eliminates communication with CA
• Current server distributions support stapling
Internal Names
• Internal Server Name
  • .example, .corp, .mail
  • ~20,000 certificates
  • Common/recommended practice until 2011
  • Used by Exchange, Blackboard, and other software
• ICANN
  • Name collision risks (.corp, .home)
  • MITM attack risks
  • PayPal letter – 13 domains
  • CA/Browser Letter
  • Add .mail
• Barriers to Remedies
  • Established systems
  • Long-lived certificates
  • Training of server operators
  • Costs
Mitigating Risks Related to Internal Names
CA/Browser Forum
• Previous deprecation – November 2015
• Accelerated deprecation – 120 days of contract signing
• 120 days selected to account for .corp (adopted July 2013)
• Advance notice from ICANN
CAs
• Internal server name tools
• Outreach to customers
ICANN Collision Mitigation
• Not release .corp and .home
• Evaluate 20%
• Release 80%
Opinion
• .mail should be included
• 20% is too high (many names are not that prevalent)
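A sketch of the kind of internal server name tool mentioned above, added here as an example and not taken from the slides or from any CA's tooling. It flags certificate names that are bare hostnames or end in one of the TLD strings the slides name; the suffix list, the sample inventory and the extra check for non-global IP addresses are assumptions of this example.

```python
# Added example: flag certificate names that are "internal" in the sense used
# on the slides. The suffix list is an assumption built from the TLDs the
# slides name; a production tool would consult the current IANA root zone.
import ipaddress

# TLD strings named on the slides as internal-name / collision examples.
INTERNAL_SUFFIXES = {"example", "corp", "home", "mail"}


def classify_name(name: str) -> str:
    """Return 'internal', 'public' or 'invalid' for one SAN/CN entry."""
    host = name.strip().lower().rstrip(".")
    if host.startswith("*."):          # wildcard: judge the base domain
        host = host[2:]
    if not host:
        return "invalid"
    try:
        ip = ipaddress.ip_address(host)
        # Private/reserved addresses are not uniquely owned, like internal names.
        return "public" if ip.is_global else "internal"
    except ValueError:
        pass                           # not an IP literal, treat as a DNS name
    labels = host.split(".")
    if any(not label for label in labels):
        return "invalid"               # empty label, e.g. "a..b"
    if len(labels) == 1:
        return "internal"              # bare hostname such as "exchange01"
    return "internal" if labels[-1] in INTERNAL_SUFFIXES else "public"


def audit(inventory: dict) -> dict:
    """Map certificate id -> sorted list of internal names it carries."""
    report = {}
    for cert_id, names in inventory.items():
        hits = sorted(n for n in names if classify_name(n) == "internal")
        if hits:
            report[cert_id] = hits
    return report


# Constructed sample inventory (certificate id -> subjectAltName entries).
SAMPLE = {
    "cert-001": ["www.example.org", "owa.example.org"],
    "cert-002": ["exchange01", "mail.hq.corp", "autodiscover.example.org"],
    "cert-003": ["*.intranet.home", "10.1.2.3"],
}

if __name__ == "__main__":
    for cert_id, names in audit(SAMPLE).items():
        print(cert_id, "->", ", ".join(names))
```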
Developments
Certificate Transparency (CT)
• Public logs of all certificates
• Signed proof in certificate
• Detect mis-issuance
• Being deployed in Chrome
Certificate Authority Authorization (CAA)
• DNS record specifying authorization
• Prevents mis-issuance
• Requires no browser changes
• Already deployed by Mozilla and Google
Key Pinning
• Associates domain with specific certificate
• Can pin root, intermediate, or end-entity
• Potential bricking problem
• Deployed in Chrome
DNS-Based Authentication of Named Entities (DANE)
• Relies on DNSSEC
• Specifies public key in DNS
• Several modes, including public certificates
• Not deployed in major browsers
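How a CA can evaluate the CAA record described above before issuing, shown as an added example that is not part of the original slides. It follows the lookup in RFC 8659 (climb towards the root until a CAA record set is found, then match the `issue` or `issuewild` values); the `ZONE` table stands in for live DNS, and every domain and CA name in it is constructed.

```python
# Added example: CAA evaluation from the issuing CA's side, after RFC 8659.
# ZONE stands in for live DNS; all names and records are constructed.
ZONE = {
    "example.org": [("issue", "ca-one.example"), ("iodef", "mailto:sec@example.org")],
    "shop.example.org": [("issue", "ca-two.example"), ("issuewild", ";")],
    "locked.example.org": [("issue", ";")],
}


def relevant_rrset(fqdn: str) -> list:
    """Climb from fqdn towards the root; the first non-empty CAA set wins."""
    labels = fqdn.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        records = ZONE.get(".".join(labels[i:]), [])
        if records:
            return records
    return []


def may_issue(name: str, ca_domain: str) -> bool:
    """True if CAA permits ca_domain to issue a certificate for name."""
    wildcard = name.startswith("*.")
    rrset = relevant_rrset(name[2:] if wildcard else name)
    issue = [v for tag, v in rrset if tag == "issue"]
    issuewild = [v for tag, v in rrset if tag == "issuewild"]
    # issuewild, when present, takes precedence for wildcard names.
    values = issuewild if wildcard and issuewild else issue
    if not values:
        return True        # no restricting property: CAA does not limit issuance
    # Compare the issuer domain only; parameters after ';' are ignored here.
    allowed = {v.split(";")[0].strip().lower() for v in values}
    return ca_domain.lower() in allowed


if __name__ == "__main__":
    for name, ca in [("www.example.org", "ca-one.example"),
                     ("pay.shop.example.org", "ca-one.example"),
                     ("*.shop.example.org", "ca-two.example")]:
        print(name, ca, "->", "permit" if may_issue(name, ca) else "refuse")
```

The record set closest to the requested name wins, so `shop.example.org` overrides its parent, and a value of `;` forbids issuance by any CA.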
Industry Improvements
Next Steps
Improve research and multi-stakeholder collaboration
• Many improvements need additional consideration
Implement improvements where needed and as completed
• Many proposals will take time to deploy and need further refinement
Discuss the 20%
• Many of these can likely be approved sooner rather than later, with a few that simply should not be granted
Make continuous improvements
• Monitor emerging security threats and continue looking for ways to improve security
Improve WHOIS
• Significant benefits in security with notice to CAs of registrant changes
Work with CAs
• CAs are interested in improving the landscape, and DigiCert is taking a lead role, especially with CT
• Most CAs are excited about new developments
Look forward to the future
• Many smart people are working on these issues, and the future looks good
Industry Movers
• CA/Browser Forum: EV Guidelines, Baseline Requirements, Code Signing, Security Requirements
• CASC: OCSP stapling adoption, research in PKI, disseminating accurate information
• ETSI/WebTrust: Updated audit criteria, more stringent standards
• ISO: New standards in identity vetting and operations
• NIST: Draft certificate policy, updated identity vetting requirements
• IETF: New technology, Pinning, CAA, CT, DANE, evaluating implementations
• ICANN: New and improved WHOIS information
• OTA: Developing and promoting SSL best practices