SSL certificates can be used to the benefit of phishers and identity thieves

April 12, 2005

 
Manual vetting of organisations creates a significant vulnerability. The risk is greatest when a certificate is viewed in a browser that displays the organisation name, because users read that name as an indication that the Web site is legitimate.

Organisation-validated certificates are not only prone to human error but it is easy for a disreputable person or entity to request a certificate in a well-known company name, and then create a phishing site to defraud customers.

Until recently, Internet browsers had been unable to differentiate between high-assurance, fully validated certificates and low-assurance, domain-only validated certificates.

The loophole, first identified by KPMG in August 2002, caused a multitude of low-assurance providers to enter the market, cutting out critical validation steps and offering worthless certificates to thousands of companies, thereby placing consumers at risk.

The public-key technology underlying SSL server certificates and Public Key Infrastructures has been well known since the 1970s. Certificates enable encrypted communications between the Web site owner and the consumer, and they carry certain identity data about the Web site owner.

As Internet use expanded during the 1990s from universities and the defense industry to online commerce and broad consumer use, the encryption function has worked brilliantly, but the identity function has not.

Certification authorities (CAs) are quick to state in legal language that they make no promises about the identity of the certificate holder and won't be held legally liable for any fraud or mistakes.

Consumers have learned to trust the padlock symbol for sites protected by an SSL server certificate as meaning they can safely transmit their personal and financial data to complete a transaction.

The majority of consumers have never clicked on the lock to look "inside" the certificate. A number of browser software makers are considering extracting that identity data and displaying it in the browser toolbar, but that is a flawed approach considering the inherent unreliability of that data.

The technical experts who set up digital certificates and PKI as we know it today worked only on the technical aspects and architecture; they “punted” on ultimate identity issues, leaving it to closed communities and public CAs to decide what authentication steps they would take before issuing a certificate to a business or individual.

They probably thought this was the easiest part of the online identity equation; in fact, it's the hardest.

During the early 1990s, each public CA came up with its own First Generation manual vetting process, which usually involved an online application from the domain holder plus the faxing of a few basic business documents (copies of articles of incorporation, local business license, etc.) in an attempt to show identity; these were then briefly checked against lightweight third-party business databases.

All this can be forged or faked by a certificate applicant intent on phishing or fraud, meaning the identity data in an issued certificate may be completely wrong and misleading. This vetting process is all the more prone to error considering that each state, province, and country has its own set of business documentation, which no single CA can verify worldwide.

Even worse, some public CAs outsource the entire identity verification process to others, without any checking or auditing of the process. The "subcontractors" can – and sometimes do – vouch for the identity of a certificate applicant without doing any checking at all. This flawed identity data is then transmitted back to the public CA, who inserts it in the certificate and signs it with the CA's key for distribution and use by the applicant.

The problem is likely to get much worse if browsers are changed to display certificate data to users for identity reliance and trust purposes.

There are over 100 "trusted" root certificates already pre-loaded in the browser software currently used by hundreds of millions of consumers around the world.

Many of these trusted roots have been sold over the years, and many chained subroots have been issued to third parties. If any one of these third parties – who may be in any country of the world – decides to use the root to issue phony or unverified certificates to companies intent on phishing or fraud, and the identity data is prominently exposed to the unwary consumer in the browser GUI, there could be an explosion in phishing attacks.

Phishers and fraudsters haven't bothered to obtain fake digital certificates to date because consumers have never looked at or relied upon the identity information in the certificate (they don't even know it's there) – but this will all change if next-generation browser GUIs extract and display certificate data in an attempt to provide users with site identity information for trust decision purposes.

Most identity data inside first generation manually vetted certificates is inherently unreliable, a fact that will be instantly attractive to phishers.

Further details, as well as several examples of the vulnerabilities, are detailed in GeoTrust's white paper entitled "Vulnerability of First-Generation Digital Certificates and Potential for Phishing Attacks and Consumer Fraud."

The white paper, written by Kirk Hall, a noted expert on Secure Sockets Layer certificate verification, examines the traditional, paper-based manual vetting process, or organizational assurance vetting, still employed by some certificate authorities. The white paper uses examples showing how easy it was to obtain a valid SSL certificate with a well-known company name that could then be used by a phisher on a fraudulent site. The paper further illustrates that relying on organizational names to determine a site's legitimacy is flawed because valid organizations can share the same company name.

Second Generation automated vetting is gaining rapid acceptance among certificate buyers and many public CAs since GeoTrust's introduction of the concept in 2001, outselling First Generation manual certificates better than 2-to-1 over the past six months.

By relying on the CN, or common name, of the Web site (its domain name, which is confirmed by demonstrating control of the domain rather than by paper documents that can be faked), Second Generation automated vetting establishes the groundwork for layering other new, sophisticated algorithms, trust techniques and browser displays to help consumers make better informed trust decisions.
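The following is an added example, not code from the article or from GeoTrust, that makes the distinction above concrete: it builds a server certificate whose Organization (O) field names a bank while its common name and SAN name a different host, then shows what a client can actually check. The organisation and host names are constructed for illustration; the certificate is self-signed here only to keep the example offline, since a CA's signature binds the subject fields to a key in exactly the same way without vouching for the O string.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// SubjectSummary holds the identity fields a browser chrome could extract
// from a certificate and show to the user.
type SubjectSummary struct {
	Organization string   // O: a string the applicant supplied and the CA copied in
	CommonName   string   // CN: historically the hostname
	DNSNames     []string // SAN dNSName entries: what modern clients match the URL against
}

// MakeCert builds a self-signed server certificate carrying the given
// organisation name and hostname. Constructed example: in practice a CA's key
// signs, but signing only binds the subject fields to a public key; nothing in
// this step checks that the O string is true.
func MakeCert(org, host string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject: pkix.Name{
			Organization: []string{org},
			CommonName:   host,
		},
		DNSNames:    []string{host},
		NotBefore:   time.Now().Add(-time.Hour),
		NotAfter:    time.Now().Add(24 * time.Hour),
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Summarize reads the identity fields out of the certificate, which is all a
// browser can do with them; it has no way to verify the Organization value.
func Summarize(cert *x509.Certificate) SubjectSummary {
	org := ""
	if len(cert.Subject.Organization) > 0 {
		org = cert.Subject.Organization[0]
	}
	return SubjectSummary{
		Organization: org,
		CommonName:   cert.Subject.CommonName,
		DNSNames:     cert.DNSNames,
	}
}

// HostMatches reports whether the certificate is valid for the hostname in the
// URL. This is the only subject check a TLS client performs; the Organization
// field plays no part in it.
func HostMatches(cert *x509.Certificate, host string) bool {
	return cert.VerifyHostname(host) == nil
}

func main() {
	// Constructed input: a phisher's domain with a bank's name in the O field.
	cert, err := MakeCert("Well-Known Bank Inc", "login-wellknownbank.test")
	if err != nil {
		panic(err)
	}
	s := Summarize(cert)
	fmt.Printf("O=%q CN=%q SAN=%v\n", s.Organization, s.CommonName, s.DNSNames)
	fmt.Println("valid for the phishing host:", HostMatches(cert, "login-wellknownbank.test"))
	fmt.Println("valid for the real bank host:", HostMatches(cert, "www.wellknownbank.test"))
}
```

The certificate is accepted for the phishing host and rejected for the bank's real host, while the O field reads "Well-Known Bank Inc" either way: the domain binding is what automated vetting can verify, and the organisation string is only as good as the CA's manual checks.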

Copyright © 2005-2011 Interlink Enterprise Computing. All rights reserved.