Stop Breaking TLS

(www.markround.com)

170 points todsacerdoti | 1 comments | 10 Dec 25 07:06 UTC | HN request time: 0.412s | source

Show context

account42 ◴[10 Dec 25 09:06 UTC] No.46215635[source]▶

> Consider this - what is the likelihood of every certificate authority on the Internet having their private keys compromised simultaneously? I’d wager that’s almost at the whatever is the statistics equivalent of the Planck length level of probability.

It doesn't matter if every certificate authority is compromised or just one. One is all that is needed to sign certificates for all websites.

replies(2): >>46215668 #>>46216034 #

mark_round ◴[10 Dec 25 09:12 UTC] No.46215668[source]▶

>>46215635 #

Author here, hi! Was just venting last night, but that's a very good point, I'll update it later with your correction :)

replies(1): >>46215764 #

acer4666 ◴[10 Dec 25 09:26 UTC] No.46215764[source]▶

>>46215668 #

You should make it about CT logs. I believe you need to compromise at least three of them.

replies(2): >>46216043 #>>46216386 #

1. mark_round ◴[10 Dec 25 11:01 UTC] No.46216386[source]▶

>>46215764 #

That was what I was thinking of (but worded it badly in the middle of my rant!)

If I wanted to intercept all your traffic to any external endpoint without detection I would have to compromise the exact CA that signed your certificates each time, because it would be a clear sign of concern if e.g. Comodo started issuing certificates for Google. Although of course as long as a CA is in my trust bundle then the traffic could be intercepted, it's just that the CT logs would make it very clear that something bad had happened.

↑