[cryptography] naming is hard as CAs now get to demonstrate

dan at geer.org dan at geer.org
Fri Apr 12 21:50:01 EDT 2013

naming is hard as CAs now get to demonstrate


-------- Forwarded Message Body

Man-in-the-Middle Security Concerns with New ICANN gTLDs

As the April 23 launch date of the first new Internet Corporation
for Assigned Names and Numbers (ICANN) generic top-level domains
(gTLD) comes closer, several concerns regarding new gTLD security
flaws have arisen.

The concern over gTLDs is based on the fact that a large percentage
of organizations use generic top-level domain names internally.
Once these gTLDs are available for purchase it potentially causes
a duplication issue. There may be collisions on the internet from
conflicting certificates issued to the same gTLDs by certificate
authorities (CAs) who have issued short name certificates to
organizations using these generic domain names. The risk of the new
gTLDs, is that an attacker can apply for a certificate from a CA
for a gTLD before it is approved by ICANN. Once ICANN approves the
gTLD, the attacker has a legitimate certificate to go about performing
man-in-the-middle attacks.

A report recently published by ICANN's Security and Stability
Advisory Committee (SSAC) provided support for the security concerns
voiced by members of a group of certificate authorities. Citing
data assembled three years ago by the Electronic Frontier Foundation's
SSL observatory, the report stated there were 1,053 certificates
signed by recognized authorities that end in 63 strings which are
candidates to become top-level domains.

The report went on to state that the number of "short name"
certificates that could collide with the new domains is almost
certainly much higher. This is due to the fact that the SSL Observatory
scanned only for certificates publicly advertised on the Internet.
As a result many private certificates were unaccounted for.  Another
reason the SSL Observatory is likely understating the problem is
that it probably doesn't scan many ports used by e-mail servers.
Collisions between internally used SSL certificates are one of the
potential risks that stem from the planned expansion. The introduction
of domains such as "domain", "localhost", "home", or "belkin" could
also cause significant disruptions as a number of networks use those
names to route traffic to computers, servers, and embedded devices


Following the SSAC advice, ICANN took actions to mitigation actions
to reduce the risk of the issue at hand:
 1. ICANN alerted the CA/Browser (CA/B) Forum Chairperson (23 Jan 2013)
 2. ICANN briefed the CA/B Forum at its annual meeting (5 Feb 2013)
 3. Ballot 96 on new gTLDs was brought forward and passed by the
 CA/B Forum (20 Feb 2013), which implies:
      1. CAs will stop issuing certificates that end in an
      applied-for-gTLD string within 30 days of ICANN signing the
      contract with the registry operator.
      2. CAs will revoke any existing certificates within 120 days
      of ICANN signing the contract with the registry operator.

Analyst Note: CAB forum mandates are not binding on CAs who aren't
members. There is no guaranty the requirements will be followed



-------- End of Forwarded Message Body

More information about the cryptography mailing list