Has ComodoHacker signalled the end of the CA system?
The CA system has come under fire after ComodoHacker causes carnage, but what is the alternative?
As any IT guy knows, if you can't fix something, replace it. There are alternatives to the CA system. One of the best, at least according to some big names in the security sphere, is researcher Moxie Marlinspike's Convergence model.
It has been designed to take out the middle men - the CAs - by giving the user greater power. With the Convergence model, users are handed the SSL certificates directly, before asking a number of "trust notaries" to download it too. It then relies on consensus from these notaries to authenticate the web transaction.
I don't believe it would be appropriate to abandon the use of certificate authorities without a clear idea of what could replace it.
To add an additional layer of security, the user goes through a proxy notary so they will remain anonymous to the trust notaries. Sounds like a fine idea, no?
Yet even that model has its limitations. "There are a couple of issues I can see," Harley said.
"Firstly, it throws responsibility for deciding who to trust back down towards the user, whereas the public always wants technical solutions that will save it having to think for itself. Secondly, it has to fight an entrenched commercial model."
Nevertheless, it is a viable option. Time will tell how much support it can gain.
Don't be hasty
If we are to tear down the CA system, it needs to be approached with caution. With any project, especially those involving IT, an incremental approach is almost always best.
Some still argue the CAs have a valuable role, they simply need to be more responsible.
"I don't believe it would be appropriate to abandon the use of certificate authorities without a clear idea of what could replace it. After all, if a criminal gang successfully impersonated the police, few would suggest that we should abolish the police force," said David Emm, senior security researcher at Kaspersky Lab.
"The key, of course, is trust. And I think a critical feature of this incident is the fact that DigiNotar massively under-played the significance of the breach. If trust in any CA is to be maintained, disclosure of any breach is essential."
Emm is right in saying CAs need to get their act together. A number have been caught out. If any more fall at the hands of hackers, then the case for an overhaul of the current model will gain yet more momentum.
For now, the most astute way forward will be in finding the perfect replacement before any radical change is implemented. Right now, the Moxie Marlinspike model offers a real alternative. It should be explored and tested now. If the decline of the CA's reign over web authentication comes, we need to be prepared.
In This Article
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download