[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

Kevin W. Wall kevin.w.wall at gmail.com
Sat Dec 3 13:44:56 EST 2011

On Fri, Dec 2, 2011 at 1:07 AM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
> OK, so it does appear that people seem genuinely unaware of both the fact that
> this goes on, and the scale at which it happens.  Here's how it works:
> 1. Your company or organisation is concerned about the fact that when people
> go to their site (even if it's an internal, company-only one), they get scary
> warnings.
> 2. Your IT people go to a commercial CA and say "we would like to buy the
> ability to issue padlocks ourselves rather than having to buy them all off
> you".

When it is *only* company-only, I think it's much more common for companies
to set up their internal CAs and just do something like an SMS or WSUS push
to get their internal root CA certs into all the trusted keystores of all the
company computers. I've only seen the latter case used when it involves
residential customers. We can't take the approach of forcing them to
add our internal CA cert chain to their trust stores, and even if we could it
would likely result in so many calls to the help desk as to make it infeasible.
However, we have occasionally used that approach with business partners.

> 3. The CA goes through an extensive consulting exercise (billed to the
> company), after which they sell the company a padlock-issuing license, also
> billed to the company.  The company is expected to keep records for how many
> padlocks they issue, and pay the CA a further fee based on this.
> 4. Security is done via the honour system, the CA assumes the company won't do
> anything bad with their padlock-issuing capability (or at least I've never
> seen any evidence of a CA doing any checking apart from for the fact that
> they're not getting short-changed).

Through the honor system? Does that mean that we can use a pair
of dice rolled two or three times for our "hardware key generation"? ;-)

Actually, more surprisingly, I've been told by those who manage
something like this for our company, that even the reported
number of padlocks that they issue and are expected to
compensate the CA for is kept on the honor system--at least
for the CA with whom we interact. (Of course, I'm assuming that
this CA retains the right to periodically do audits, etc.)

Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein
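Added example, not code from this thread, from either poster, or from any CA: a throwaway PKI built with openssl that makes the "honour system" point concrete. The root signs one customer sub-CA key twice, once as a plain CA certificate (the "padlock-issuing licence" as described above, with nothing technical stopping it from certifying any name) and once with a nameConstraints extension. Each sub-CA then issues a server certificate for its own domain and for somebody else's, and `openssl verify` decides whether the chain is acceptable. All names (`Demo Root CA`, `customer.example`, `bank.example`), keys and files are constructed for the demo; the only assumption is openssl 1.1.1 or later on PATH.

```shell
#!/bin/sh
# Added example, not code from the thread or from any CA. Everything here
# (CA names, hostnames, keys) is constructed for the demo.
# Assumes: openssl >= 1.1.1 on PATH.
set -e

WORK=$(mktemp -d)
cd "$WORK"

# Minimal req config so the demo does not depend on the system openssl.cnf.
cat > req.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
x509_extensions = v3_root
[dn]
CN = placeholder
[v3_root]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF

# The commercial CA's root (a real one would sit in the browser trust stores).
openssl req -x509 -config req.cnf -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
  -nodes -sha256 -days 30 -keyout root.key -out root.crt \
  -subj "/CN=Demo Root CA" >/dev/null 2>&1

# One customer sub-CA key and CSR; the root signs it twice with different extensions.
openssl req -new -config req.cnf -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
  -nodes -sha256 -keyout sub.key -out sub.csr \
  -subj "/CN=Customer Sub-CA" >/dev/null 2>&1

# (a) "open": a CA certificate with no technical limit on which names it may certify.
cat > sub_open.ext <<'EOF'
basicConstraints = critical,CA:TRUE,pathlen:0
keyUsage = critical,keyCertSign,cRLSign
EOF
# (b) "nc": the same CSR, but with a name constraint limiting it to one domain.
cat > sub_nc.ext <<'EOF'
basicConstraints = critical,CA:TRUE,pathlen:0
keyUsage = critical,keyCertSign,cRLSign
nameConstraints = critical,permitted;DNS:customer.example
EOF
for kind in open nc; do
  openssl x509 -req -in sub.csr -CA root.crt -CAkey root.key -CAcreateserial \
    -days 30 -sha256 -extfile "sub_$kind.ext" -out "sub_$kind.crt" >/dev/null 2>&1
done

# Issue a server cert for host $2 from sub-CA cert $1 (both sub-CA certs share
# sub.key), then ask openssl to build and validate the chain back to root.crt.
# Prints "accepted" or "rejected" ("issue-failed" if signing itself breaks).
chain_status() {
  subca=$1; host=$2; leaf="leaf_${1%.crt}_$host"
  openssl req -new -config req.cnf -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
    -nodes -sha256 -keyout "$leaf.key" -out "$leaf.csr" \
    -subj "/CN=$host" >/dev/null 2>&1 || { echo issue-failed; return 2; }
  printf 'basicConstraints = CA:FALSE\nsubjectAltName = DNS:%s\n' "$host" > "$leaf.ext"
  openssl x509 -req -in "$leaf.csr" -CA "$subca" -CAkey sub.key -CAcreateserial \
    -days 30 -sha256 -extfile "$leaf.ext" -out "$leaf.crt" >/dev/null 2>&1 \
    || { echo issue-failed; return 2; }
  if openssl verify -CAfile root.crt -untrusted "$subca" "$leaf.crt" >/dev/null 2>&1; then
    echo accepted
  else
    echo rejected
    return 1
  fi
}

# Demo: each sub-CA certifies its own domain and then somebody else's.
for subca in sub_open.crt sub_nc.crt; do
  for host in www.customer.example www.bank.example; do
    printf '%-12s %-22s %s\n' "$subca" "$host" "$(chain_status "$subca" "$host")"
  done
done
```

The unconstrained sub-CA produces a chain that validates for `www.bank.example` just as happily as for its own domain; only the contract with the root CA says it should not. With the nameConstraints extension the same key, signing the same kind of CSR, gets a "permitted subtree violation" from the verifier, so the limit is enforced by every relying party rather than by the honour system. Whether a given commercial CA actually issues constrained sub-CAs is not something this demo can tell you; inspecting the sub-CA certificate with `openssl x509 -text -noout` is the check to run.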
