[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Dec 5 05:12:28 EST 2011


Ondrej Mikle <ondrej.mikle at nic.cz> writes:

>Matches my observations, especially when looking at CRLs of some small CAs
>(company internal). I had a hunch some of those revocations could be due to
>CA compromise, but from my point of view it is only a speculation. I
>appreciate sharing your experience working with CAs, it gives me a bit more
>understanding in my guesswork how they operate internally :-)

So I'm going to invoke the Carl Ellison "if you think that's bad" rule (stated
approximately as "whenever someone tells a horror story about PKI, someone
else will come along with 'if you think that's bad...'") and mention a trusted
root CA that went out of business (I tracked its root key through three
resales but I have no idea who has it now) where not only did no-one who was
left know how to put reason codes in CRLs, there was no-one who actually knew
how to issue a CRL.  So if you had a cert from them you could pretty much do
whatever you wanted with it (until it expired naturally) because there was no
way to revoke it.

Peter.


