[146762] in cryptography@c2.net mail archive
Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN"
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Sat Sep 7 16:37:54 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <718DFA7882181D45B8BD18F31C46D55427B21F56@MBX204.domain.local>
Date: Sat, 7 Sep 2013 16:20:18 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Gregory Perry <Gregory.Perry@govirtual.tv>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>,
ianG <iang@iang.org>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============6625654685871538710==
Content-Type: multipart/alternative; boundary=001a1133f726476e5c04e5d0e259
--001a1133f726476e5c04e5d0e259
Content-Type: text/plain; charset=ISO-8859-1
On Sat, Sep 7, 2013 at 3:13 PM, Gregory Perry <Gregory.Perry@govirtual.tv>wrote:
> >If so, then the domain owner can deliver a public key with authenticity
> >using the DNS. This strikes a deathblow to the CA industry. This
> >threat is enough for CAs to spend a significant amount of money slowing
> >down its development [0].
> >
> >How much more obvious does it get [1] ?
>
> The PKI industry has been a sham since day one, and several root certs
> have been compromised by the proverbial "bad guys" over the years (for
> example, the "Flame" malware incident used to sign emergency Windows
> Update packages which mysteriously only affected users in Iran and the
> Middle East, or the Diginotar debacle, or the Tunisian "Ammar" MITM
> attacks etc). This of course is assuming that the FBI doesn't already
> have access to all of the root CAs so that on domestic soil they can
> sign updates and perform silent MITM interception of SSL and
> IPSEC-encrypted traffic using transparent inline layer-2 bridging
> devices that are at every major Internet peering point and interconnect,
> because that would be crazy talk.
>
Before you make silly accusations go read the VeriSign Certificate
Practices Statement and then work out how many people it takes to gain
access to one of the roots.
The Key Ceremonies are all videotaped from start to finish and the auditors
have reviewed at least some of the ceremonies. So while it is not beyond
the realms of possibility that such a large number of people were suborned,
I think it drastically unlikely.
Add to which Jim Bizdos is not exactly known for being well disposed to the
NSA or key escrow.
Hacking CAs is a poor approach because it is a very visible attack.
Certificate Transparency is merely automating and generalizing controls
that already exist.
But we can certainly add them to S/MIME, why not.
--
Website: http://hallambaker.com/
--001a1133f726476e5c04e5d0e259
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Sat, Sep 7, 2013 at 3:13 PM, Gregory Perry <span dir=3D"ltr"><=
;<a href=3D"mailto:Gregory.Perry@govirtual.tv" target=3D"_blank">Gregory.Pe=
rry@govirtual.tv</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">>If so, then the domain=
owner can deliver a public key with authenticity<br>
>using the DNS. =A0This strikes a deathblow to the CA industry. =A0This<=
br>
>threat is enough for CAs to spend a significant amount of money slowing=
<br>
>down its development [0].<br>
><br>
>How much more obvious does it get [1] ?<br>
<br>
</div>The PKI industry has been a sham since day one, and several root cert=
s<br>
have been compromised by the proverbial "bad guys" over the years=
(for<br>
example, the "Flame" malware incident used to sign emergency Wind=
ows<br>
Update packages which mysteriously only affected users in Iran and the<br>
Middle East, or the Diginotar debacle, or the Tunisian "Ammar" MI=
TM<br>
attacks etc). =A0This of course is assuming that the FBI doesn't alread=
y<br>
have access to all of the root CAs so that on domestic soil they can<br>
sign updates and perform silent MITM interception of SSL and<br>
IPSEC-encrypted traffic using transparent inline layer-2 bridging<br>
devices that are at every major Internet peering point and interconnect,<br=
>
because that would be crazy talk.<br></blockquote><div><br></div><div>Befor=
e you make silly accusations go read the VeriSign Certificate Practices Sta=
tement and then work out how many people it takes to gain access to one of =
the roots.</div>
<div><br></div><div>The Key Ceremonies are all videotaped from start to fin=
ish and the auditors have reviewed at least some of the ceremonies. So whil=
e it is not beyond the realms of possibility that such a large number of pe=
ople were suborned, I think it drastically unlikely.</div>
<div><br></div><div>Add to which Jim Bizdos is not exactly known for being =
well disposed to the NSA or key escrow.=A0</div><div><br></div><div><br></d=
iv><div>Hacking CAs is a poor approach because it is a very visible attack.=
Certificate Transparency is merely automating and generalizing controls th=
at already exist.=A0</div>
<div><br></div><div>But we can certainly add them to S/MIME, why not.</div>=
</div><div><br></div>-- <br>Website: <a href=3D"http://hallambaker.com/">ht=
tp://hallambaker.com/</a><br>
</div></div>
--001a1133f726476e5c04e5d0e259--
--===============6625654685871538710==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============6625654685871538710==--
