Frank Hecker:
> Eddy Nigg (StartCom Ltd.) wrote:
>
>> This particular part DOES bother you, because wildcard certificates
>> aren't controllable in the same way as regular ones. A seemingly
>> innocent domain name can become a tool for phishing. For example
>> *.domain.com matches paypal.domain.com and paypal-objects.domain.com,
>> something a CA can not control in these circumstances (you can't assume
>> that a CA can adequately control wildcard certificates as you mention
>> above). Wildcard certificates shouldn't rely on domain validation
>> only.
>>
>
> To play devil's advocate here:

Yes, I love real world examples! And this is such a serious issue that I'll try to play the devil myself...

> There are web hosting services that allow
> customers to easily create their own subdomains under the hosting
> service domain, e.g., "foo.hosting.com" where "hosting.com" is the
> domain associated with the hosting service itself.

Correct. Other examples are DNS server providers for dynamic IP addresses. They belong to the same family.

> If the hosting service uses a wildcard cert to allow those subdomains to use
> SSL, and
> allows customers to set up new subdomains with minimal oversight, how
> does it help to have the wildcard cert to be identity-validated as
> opposed to domain-validated?

Good question, and here is the answer: in case of any misuse or fraudulent use, no matter what the purpose, including the scenario above, the CA and also relying parties would KNOW the real identity of the domain name owner. This is the major reason why such certificates should be validated to a higher level than DV. I view this as similar to code signing certificates, where there is no other indication such as a URL in the address bar or an email address. Why aren't code signing certificates just email validated? I claim that the same applies to wildcard certificates, because they aren't controllable in the same way as regular DV certificates. The subject line and the URL in the address bar don't have to match, but only partly!

> In either case people can set up domains
> like paypal.hosting.com without the knowledge of the CA, since the CA is
> (at best) vetting the identity of the hosting service and not the
> identity of the hosting service's customer.
>

And this is EXACTLY the core of the issue here! Should a request for such a certificate be made (like paypal.hosting.com), the CA first of all has the KNOWLEDGE of such a request and has the option to intervene during and after the process of issuance of said certificate. Not so if this is a wildcard certificate, and therefore the CA MUST obtain additional information (e.g. verify the identity and/or organization). This is a blank card which gives additional power and trust to the subscriber. This MUST be earned by proper validation.

> Also, I see no distinction in terms of security impact between someone
> using a domain validated cert to set up a site like "paypal-host.com"
> and someone setting up a site like "paypal.hosting.com" using a
> domain-validated wildcard cert.
>

The huge difference is that such a certificate wouldn't be issued in the first place. CAs have, and should have, proper measures in place to prevent this from happening in the first place. Should such a certificate have been issued nevertheless, the CA has the KNOWLEDGE to intervene accordingly with all the resources at its disposal BEFORE harm can be done. My assumption is of course that we are talking about a proper implementation of the CA business. CAs do have provisions for such cases in their CPSs most of the time, and implementations accordingly. CAs (should) monitor the issuance of certificates even in automated processes. This is where the difference comes in, because the same isn't possible with wildcard certificates.

> Indeed, and regular domain-validated certificates (e.g., for
> "paypal-host.com") can also be intended for fraudulent use. (For that
> matter, so can identity-validated certs, since the applicant might have
> forged their identity documents.)

Perhaps here too there is the assumption that validation is properly done. It's obviously useless if one can just send in the ID documents of a friend and no additional vetting is performed. This would again be a case for sections 4 and 6 of the Mozilla CA policy!!!

> The key word here is "knowingly". This
> language in the policy was intended to cover cases where CAs were
> willing and knowing accomplices to fraud.
>

Issuing certificates which claim to be validated without such vetting ever having been performed is tantamount to KNOWINGLY and WILLINGLY contributing to a possible fraud. I claim that issuing wildcard certificates without proper vetting as described above amounts to the same.

--
Regards

Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
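The two technical claims the exchange above turns on are (a) that a wildcard name such as *.hosting.com covers any single-label customer subdomain the hosting service later creates, and (b) that a CA which sees a request for paypal.hosting.com can screen it, while a request for *.hosting.com gives it nothing to screen. The following Python is an added example, not code from the thread or from StartCom or Mozilla: it implements the wildcard matching rule browsers apply to certificate DNS names (RFC 6125 section 6.4.3: the wildcard must be the whole leftmost label and matches exactly one label), and a toy issuance-time screen with a constructed watch-list (HIGH_VALUE_LABELS) that stands in for whatever brand checks a real CA runs.

```python
"""Wildcard certificate name matching plus a toy issuance-time screen.

Added example for the dev-tech-crypto discussion; not from the thread.
The watch-list below is constructed for illustration only.
"""

# Constructed example watch-list of brand labels a CA might refuse to
# issue for under domain validation alone. Not a real CA's list.
HIGH_VALUE_LABELS = {"paypal", "ebay", "bankofamerica"}


def hostname_matches(cert_name: str, host: str) -> bool:
    """Return True if the certificate DNS name `cert_name` covers `host`.

    Matching follows RFC 6125 section 6.4.3 as browsers apply it:
      - comparison is case-insensitive, trailing dots ignored;
      - a wildcard must be the entire leftmost label, so partial
        wildcards like "pay*.hosting.com" never match;
      - the wildcard matches exactly one label, so "*.hosting.com"
        covers "paypal.hosting.com" but neither "hosting.com" nor
        "www.paypal.hosting.com";
      - a wildcard directly under a public suffix ("*.com") is refused.
    """
    name = cert_name.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if "*" not in name:
        return name == host

    labels = name.split(".")
    if labels[0] != "*" or any("*" in lab for lab in labels[1:]):
        return False  # partial or non-leftmost wildcard
    if len(labels) < 3:
        return False  # "*.com" would cover an entire TLD

    host_labels = host.split(".")
    if len(host_labels) != len(labels):
        return False  # wildcard covers one label, never zero or several
    return host_labels[1:] == labels[1:]


def covered_subdomains(cert_name: str, candidates):
    """Return the subset of `candidates` that `cert_name` would cover.

    Shows what a single wildcard certificate hands to a hosting
    provider's customers: every single-label name they choose.
    """
    return [h for h in candidates if hostname_matches(cert_name, h)]


def screen_request(requested_name: str) -> str:
    """Toy issuance-time screen returning 'reject', 'manual' or 'ok'.

    A DV request for paypal.hosting.com carries the suspicious label,
    so the CA can see and refuse it. A request for *.hosting.com carries
    no customer label at all, so label screening cannot help; the only
    lever left to the CA is to validate the subscriber itself, which is
    why the request is routed to manual review here.
    """
    labels = requested_name.lower().rstrip(".").split(".")
    if any(lab in HIGH_VALUE_LABELS for lab in labels):
        return "reject"
    if labels[0] == "*":
        return "manual"
    return "ok"


if __name__ == "__main__":
    # Constructed customer-chosen names on a hosting provider's domain.
    customers = ["alice.hosting.com", "paypal.hosting.com",
                 "paypal-objects.hosting.com", "www.paypal.hosting.com",
                 "hosting.com"]
    for name in customers:
        print(f"{name:30s} screen={screen_request(name):7s} "
              f"covered_by_*.hosting.com={hostname_matches('*.hosting.com', name)}")
    print("*.hosting.com request screen:", screen_request("*.hosting.com"))
    print("covered:", covered_subdomains("*.hosting.com", customers))
```

Run stand-alone, the script shows that paypal.hosting.com is rejected at request time as a plain DV name, yet is fully covered by a *.hosting.com certificate that the same screen could only send to manual review, since nothing in that request names the customer label.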