[cryptography] Another data point on SSL "trusted" root CA reliability (S Korea)

Ralph Holz holz at net.in.tum.de
Sun Sep 18 06:11:59 EDT 2011


Hi,

True, we found about 80 distinct certificates that had subject
"Government of Korea" and CA:TRUE [1].

In our full dataset from April 2011, however, we found about 30k
certificates with this property. None of them had valid chains to the
NSS root store. The numbers do not seem to change over time: in Nov
2009, it was about 30k, and about the same in Sep 2010. In the EFF
dataset of the full IPv4 space, I find 773,512 such certificates.
*Distinct* ones - and the EFF dataset has 5.5m distinct certs. It is a
wide-spread problem.

For the case of Korea, @KevinSMcArthur found that the issuing
certificates have a pathlen of 0, which makes it impossible for the
end-host cert to operate as a CA *as long as the client actually checks
that extension*. I don't know which ones do, but it would be a question
to ask the NSS developers.

As of now, I don't think these are really attacker certs, also because
the overall numbers seem to point more at some CA software that creates
certs with the CA flag on by default.

Although your article seems to indicate something bad is going on over
there...

[1] If you want to check, CSVs at:
www.meleeisland.de/korean_hosts_CA_on.csv
www.meleeisland.de/korean_hosts_CA_on_fullchains.csv
www.meleeisland.de/scan_apr2011_ca_on_issuers_not_selfsigned.csv

Ralph

On 09/18/2011 03:37 AM, Marsh Ray wrote:
> 
> Been seeing Twitter from @ralphholz, @KevinSMcArthur, and @eddy_nigg
> about some goofy certs surfacing in S Korea with CA=true.
> 
> via Reddit http://www.reddit.com/tb/kj25j
> http://english.hani.co.kr/arti/english_edition/e_national/496473.html


-- 
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20110918/4427f219/attachment.asc>


More information about the cryptography mailing list