[cryptography] GlobalSign temporarily ceases issuance of all certificates

Ian G iang at iang.org
Wed Sep 7 17:47:35 EDT 2011


On 8/09/11 6:02 AM, I wrote:
> Hmmmm.... I'm not sure I'd suspend issuance without some evidence.

On 8/09/11 6:13 AM, Franck Leroy wrote, coz he checked the source!:
>
> http://pastebin.com/GkKUhu35
>
> extract:
>
> Third: You only heards Comodo (successfully issued 9 certs for me -
> thanks by the way-), DigiNotar (successfully generated 500+ code
> signing and SSL certs for me -thanks again-), StartCOM (got connection
> to HSM, was generating for twitter, google, etc. CEO was lucky enough,
> but I have ALL emails, database backups, customer data which I'll
> publish all via cryptome in near future), GlobalSign (I have access to
> their entire server, got DB backups, their linux / tar gzipped and
> downloaded, I even have private key of their OWN globalsign.com
> domain, hahahaa)....

Snap!  OK, I'm convinced.  Suspend :)

Given the DigiNotar experience, this is a dead cert.

Reason being, DigiNotar has established a liability pattern, and the CA 
mentioned above has figured out that it might apply to them.

Under normal corporate governance escalation procedures, "might" becomes 
"are you willing to bet your job?"  Risk modelling out the window :)


> BUT YOU HAVE TO HEAR SO MUCH MORE! SO MUCH MORE!
> At least 3 more, AT LEAST! Wait and see, just wait a little bit like I
> said in Comodo case.
>
> This is very disturbing...

Somebody on one of these lists made the point that the attacker wasn't 
acting like what was expected in the designed threat model.

It is not a new observation that the original threat modelling had flaws 
you could drive a truck through :)  To add to that, the original 
security requirement was to protect Credit cards.  Only.  Which have a 
known value range, a loss model, an insurance model, institutions 
already at arms to protect Robbie Relier.

So, when people started using SSL for other purposes (email, banking, 
but not porn) ... what happens?

Well, the value changed (up or down?) ... and the insurance disappeared.

Perhaps this is just another one of those aphorism moments?

     "There is only one security model, and it are belong to me."


> Franck.

iang