PKIX for WebServer SSL certificates will eventually die

When we (as in humans) rip open a browser window and enter a “URL” into the address bar and a page from the address is rendered (without any security warnings) what are we actually trusting?

We are trusting that the browser will assure us that the page actually came from a domain’s webservers ( and not anyone elses webserver ). The web servers SSL certificate is a statement signed by a “trusted” Root or intermediate CA that the webserver is authorized to state that it can be called by the domain name. This is known as a PKIX trust. CA’s have to go to a lot of length to prove that the person / legal entity which requests a SSL certificate for the domain really “owns” the domain and may request a certificate in the first place. CAs can spend more or less effort proving that a domain is really owned by the requestor. Mechanisms like ExtendedValidation goes in the direction of more thoroughly identifying the organization and checking that this really “owns” the domain. The “who” owns a domain is normally not necessary to know. ExtendedValidations are just providing more assurances that the CAs don’t make mistakes. Making mistakes shouldn’t be a huge problem for “leaf” certificates – but the effort going into ExtendedValidation can only mean that 1) it is lucrative for the CAs and 2) we don’t trust that revocation works ( a legitimate concern ) .

When i surf on – the name of the domain itself is what i’m conversing with, so knowing more about the company and where it is located geographically is mostly irrelevant. When the page from reaches the browser, together with the SSL server certificate, the browser checks that the domain name entered ( and DNS lead to the server ) is matched by the server’s SSL certificate, and that a reputable CA issued the SSL certificate. The PKIX mechanism protects us from DNS poisoning leading us to a bogus server which presents a legitimate certificate, because legitimate certificates should only be issued to legitimate owners of the domain.

To cut a long story short – if DNS could be trusted absolutely – then PKIX trust would be almost irrelevant for SSL web servers, in fact would we even need SSL server certificates? If you could bind a public key directly into a DNS record for the domain. I don’t know DNSSEC if it goes this far. Obviously there are use cases where I want to know about the company behind the domain name – and that information is carried by the PKIX certificates of the domain, but other services like WHOIS could be revamped to fill this gap.

Maybe eventually PKIX will then mutate to a system where nations/government authorities really use it to bind public keys to natural persons/organizations/legal entities in a more meaningful way than it is done today. This would require making the X500 directories themselves more transparent and binding meaningful national/international identifiers into it. Still – I believe that in the long term, the SSL certificate monopoly WebTrust, all the root trust programs of all operating system manufacturers, and most current public CA’s will dissapear and be replaced by state run CAs.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: