Black Hat 2011: SSL And The Future of Authenticity

SSL And The Future Of Authenticity

This interesting presentation concerns a security protocol that you probably use every day. It is in your browser, on the server you connect to, and brought together by a “Certificate Authority”. The idea behind SSL is to provide a secure connection between you, the client browser, and the server providing the sensitive data to you. For instance, a bank website is designed to provide the client with convenient access to account details, transactions, etc. But there is a major issue with a pivotal player in this process. The Certificate Authority, or CA, is charged with certifying the organizations to which it provides certificates. The CA is supposed to be a trustworthy entity working on behalf of us, the end users, to ensure that any organization it issues a certificate to is credible and trustworthy. After all, many users depend on the CAs, the SSL protocol, and issued certificates to enforce authentication and integrity in the online space. You have little choice but to trust the CAs and expect them to provide high-quality authentication services.

But many Certificate Authorities are doing a terrible job of certifying applicants and securing their own networks. Many CAs will issue a certificate by sending an email to the address used during account signup with a simple ‘click the link in this email to verify’ process. Email is not a fully secure medium, so how can you certify an entity for a global trust relationship with users through simple email? Many CAs have implemented extra steps such as phone authorization and checking registry information of the applicant domain. This is not foolproof and still not enough.

Comodo is one such Certificate Authority that is failing to perform as a trust relationship broker. Comodo failed to secure its process for issuing certificates and allowed hackers to request and obtain certificates for popular websites. An attacker obtained the username and password of one of its registration authority partners, giving hackers the ability to request certificates with great ease. The certificates obtained allowed hackers to impersonate the secure versions of websites such as Microsoft’s Live.com, Google.com, and Yahoo.com. The organization entrusted with providing the tools of a secure protocol failed to protect itself and users. This egregious disregard for proper computer security and validation efforts enabled an unauthorized user to create false certificates on the internet, able to fool every computer in the world.

For many supporters of change to the SSL system, this was a clear example of misplaced trust in a single entity. The idea of giving a for-profit organization the ability to validate secure connections for all users on the internet should prompt you to question this existing model of a secure protocol. What happened to Comodo? Nothing. No fines, no loss of business; it was as if nothing had happened. Worse still, if you were to discontinue your trust relationship with Comodo, approximately 1/4 of the internet’s secure sites would be unavailable for your use. This trust model requires users to blindly trust an organization that is known to fail. Something must change in order for SSL to remain a viable online tool for secure communication.

Moxie has a solution to this SSL nightmare that will alleviate the forced trust relationship between users and the CAs. Trust agility is the concept that the user may trust now and untrust later: the trust decision can be revoked at a later date without breaking chunks of the internet for the user. To apply this concept of user choice, the trust model of SSL must migrate from a centrally anchored source of trust (the CA) to a distributed trust model where the failure of one trust node does not affect the remainder of relationships. Moxie has developed a plugin, now available for Firefox, that implements the ideas of distributed trust agility. The plugin, Convergence, is available at convergence.io and is currently in beta development. Now anyone can use the new distributed Convergence network to assist in decentralized SSL authentication. The plugin also offers the ability to customize the node or notary list of trusted ‘CA’-like partners that make up the trust network. Could this revolutionize the way we use and implement secure browsing? Will businesses and lawmakers come to realize the need to update or fix SSL? Probably not in the short term, but it will be interesting to see how many users install the Convergence plugin for daily use.
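
The trust decision described above can be modeled as a quorum check over a user-chosen notary list. This is an added example, not Convergence's code or wire protocol; the `Notary` class, the majority threshold, the host name, and the certificate bytes are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

# Constructed stand-ins for DER certificate bytes (not real certificates).
REAL_CERT = b"bank.example / legitimate key"
ROGUE_CERT = b"bank.example / attacker key, signed by a breached CA"

def fingerprint(cert: bytes) -> str:
    return hashlib.sha256(cert).hexdigest()

@dataclass
class Notary:
    """Hypothetical notary: reports the fingerprint it observes for a host
    from its own network vantage point (simulated here by `view`)."""
    name: str
    view: dict           # host -> certificate bytes this notary sees
    online: bool = True

    def observe(self, host):
        if not self.online or host not in self.view:
            return None  # no answer: counted neither for nor against
        return fingerprint(self.view[host])

def verify(host, presented, notaries, threshold=0.5):
    """Accept only if more than `threshold` of the answering notaries saw
    the same certificate the client was presented with (assumed policy)."""
    seen = fingerprint(presented)
    answers = [fp for n in notaries if (fp := n.observe(host)) is not None]
    if not answers:
        return False     # fail closed when no notary responds
    agree = sum(fp == seen for fp in answers)
    return agree / len(answers) > threshold

def demo():
    host = "bank.example"
    notaries = [Notary(f"notary-{i}", {host: REAL_CERT}) for i in range(3)]
    out = {"honest": verify(host, REAL_CERT, notaries)}
    # A CA-signed rogue certificate is rejected: no notary sees it.
    out["rogue"] = verify(host, ROGUE_CERT, notaries)
    # One notary fails and vouches for the rogue cert; the quorum still holds.
    notaries[0].view = {host: ROGUE_CERT}
    out["rogue_one_bad_notary"] = verify(host, ROGUE_CERT, notaries)
    out["honest_one_bad_notary"] = verify(host, REAL_CERT, notaries)
    # Trust agility: drop the failed notary; the site stays reachable.
    out["honest_after_untrust"] = verify(host, REAL_CERT, notaries[1:])
    return out

if __name__ == "__main__":
    print(demo())
```

Unlike removing a CA root, dropping `notary-0` from the list leaves every site verifiable through the remaining notaries.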
