← Back to context

Comment by 0xbadcafebee

3 years ago

Getting a valid cert for a domain you don't own is getting close to trivial. All of the mitigation strategies are defeated a number of ways, have been for years. I've commented on incidents like these for years on HN. I'm not some internet big wig, and any blog I write isn't going to trend, so this never gets traction. But anyone who understands the tech can find a half dozen ways to get a cert. If you really need to trust your connection, don't rely on internet PKI / public certs. It was secure enough for general purpose in the aughts, it's not anymore.

What are these trival steps to get a valid certificate for news.ycombinator.com?

  • This would not be trivial and would require successful phishing. I've sent an email requesting to make this even harder to do. leaving out those details on purpose

Bold claim lacking substantiation. Care to share? Maybe it will get traction this time.

  • It's really not that bold. Ask anyone who works for a CA, or an ISP, or a registrar, or a mail hoster, or a browser manufacturer, or DNS provider... If you just read up on how PKI works, on how certificates get issued, how the network protocols work, etc, it's all just right there. The holes are very well known and understood and not fixed because they're in the design. Every so often somebody comes up with another mitigation, which of course you have to opt into, and still doesn't solve all the holes.

    It's like SS7, or SWIFT. It's not bold to claim that all public phone networks and bank transfers are insecure, it's just a fact. People who know what they are know they're vulnerable.

    As an aside to the design issues, social engineering any of the thousands of organizations involved with issuing certs (not just CAs) is trivial. A bored teenager could get certs issued for most domains by using nothing more than a telephone or e-mail. But that's cheating, so I don't count it.

  • If you are your hoster and can reroute requests, you can get all kinds of valid SSL certs for any domains that you host.

    Just grab these IP packets when CA comes to validate that you own that domain. Perhaps EV could solve that to some extent but it is never mandated.

    Even if you tried to put any stuff into WHOIS to mitigate this, your hoster can serve any bullshit on this channel too.

    It does look very bad and SSH approach to certificates is just infinitely better. If Jabber used SSL keys instead, they will be alerted immediately.

    Come to think of it, your hoster can also find ways to steal keys directly from hardware, though.