[members-discuss] Charging scheme 2025 proposal (logarithmic)
Kaj Niemi
kajtzu at basen.net
Tue Apr 16 22:09:22 CEST 2024
If you have a state actor with their own CA they can issue whatever Evil Certificate that they need, although I guess it would leave some kind of trail. That does sound slightly inconvenient. Agree that it is more convenient to have someone else issuing them. Plausible deniability and all that.

The browsers really don’t care which CA issues the certificate, and CAA records aren’t checked by the browsers (by design, I think?) and HPKP is not used anymore either?

How does paying for a DV or the green EV - I think browsers don’t show this anymore - Good Certificate help then? Besides spending 1000 or whatever and ending up with the Good Certificate? The state actor can still have an Evil Certificate issued by someone else and your browser will be just as happy seeing it as if it were your Good Certificate.

I guess the issuing CA should check CAA but do they all do that? I've never added any CAA records anywhere and have over the years procured a few certificates. So I'm guessing that's also not a real option.

How should this be fixed, in your opinion, considering the above?

Kaj

Sent from my iPad

________________________________
From: Andrey Korolyov <andrey at xdel.ru>
Sent: Tuesday, April 16, 2024 10:44:53 PM
To: Kaj Niemi <kajtzu at basen.net>
Cc: Petru Bunea <suport at bunea.eu>; Daniel Pearson <daniel at privatesystems.net>; members-discuss at ripe.net <members-discuss at ripe.net>
Subject: Re: [members-discuss] Charging scheme 2025 proposal (logarithmic)

On Tue, Apr 16, 2024 at 10:30 PM Kaj Niemi <kajtzu at basen.net> wrote:
>
> Hi,
>
> Both RIPE and their CDN seem to use DNSSEC.
>
> Indeed, the CDN utilizes LE as the issuing CA. The LE does publish the list of issued certificates as part of Certificate Transparency; as far as I know the list is public and can be consumed by anyone.
>
> Is there some specific concern you're thinking of?
>
> Kaj

Yes, there is a simple way of circumventing the issuing procedure of LE certificates when an actor is able to act as a man-in-the-middle, see [1] for example. Theoretical assumptions of the same kind of attack have circulated around security-related communities since the beginning of LE deployment, and it's quite strange to see an org with an annual budget of tens of M$ using a zero-liability CA for its primary web resource.

1. https://therecord.media/jabber-ru-alleged-government-wiretap-expired-tls-certificate
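Two controls come up in the exchange above: CAA records (the check Kaj is unsure CAs perform, and which he has never published) and Certificate Transparency (the public issuance list Andrey mentions). The following is an added example, written for this page and not code from either participant or from RIPE, Let's Encrypt or any CA. It implements the CAA lookup and issuance decision from RFC 8659 over a constructed in-memory zone, then audits a constructed list of observed issuances (the shape of data a CT monitor would produce) against that policy. The zone names, CA identifiers and observations are all assumptions made for the example.

```python
"""CAA policy evaluation (RFC 8659) plus an audit of observed issuances.

Added example for the members-discuss thread; the zone data and the
observed issuances are constructed, not real DNS or CT data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class CAA:
    flags: int   # bit 7 (value 128) is the "issuer critical" flag
    tag: str     # "issue", "issuewild" or "iodef"
    value: str   # e.g. "letsencrypt.org", or ";" meaning "no CA may issue"


# Constructed zone: DNS name -> CAA RRset published at that name.
# Names absent from the dict have no CAA records at all.
ZONE = {
    "example.test": [CAA(0, "issue", "letsencrypt.org"),
                     CAA(0, "issuewild", ";")],
    "locked.example.test": [CAA(0, "issue", ";")],
}


def find_caa_rrset(zone, name):
    """RFC 8659 section 3: climb from `name` toward the root and return the
    first non-empty CAA RRset found, or [] if no ancestor publishes one."""
    labels = name.rstrip(".").split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]), [])
        if rrset:
            return rrset
    return []


def issuance_allowed(zone, name, ca, wildcard=False):
    """Decide whether CA `ca` may issue for `name` (or `*.name` if wildcard).
    Returns (allowed, reason)."""
    rrset = find_caa_rrset(zone, name)
    if not rrset:
        # No CAA anywhere in the tree: the policy constrains nobody.
        # This is the situation Kaj describes for his own domains.
        return True, "no CAA records found; any CA may issue"
    # A critical record with a tag the CA does not understand blocks issuance.
    for rr in rrset:
        if rr.flags & 128 and rr.tag not in ("issue", "issuewild", "iodef"):
            return False, f"unknown critical tag {rr.tag!r}"
    tag = "issuewild" if wildcard else "issue"
    relevant = [rr for rr in rrset if rr.tag == tag]
    if wildcard and not relevant:
        # No issuewild records: wildcard requests fall back to issue records.
        relevant = [rr for rr in rrset if rr.tag == "issue"]
    if not relevant:
        return True, f"no {tag} records; any CA may issue"
    # The CA identifier is the value up to the first ';' (parameters follow it).
    allowed = {rr.value.split(";")[0].strip().lower() for rr in relevant}
    if ca.lower() in allowed:
        return True, f"{ca} is listed in {tag}"
    return False, f"{ca} is not in the {tag} set {sorted(allowed)}"


def audit_issuances(zone, observed):
    """Flag observed certificates whose issuer the CAA policy would not
    permit. `observed` holds (name, issuing_ca, is_wildcard) tuples, the
    kind of summary a CT log monitor produces for your domains."""
    findings = []
    for name, ca, wild in observed:
        ok, why = issuance_allowed(zone, name, ca, wildcard=wild)
        if not ok:
            findings.append((name, ca, why))
    return findings


# Constructed observations (assumed CA names, not real issuers).
OBSERVED = [
    ("www.example.test", "letsencrypt.org", False),    # expected issuer
    ("www.example.test", "other-ca.test", False),      # flagged
    ("example.test", "letsencrypt.org", True),         # wildcard blocked by ';'
    ("locked.example.test", "letsencrypt.org", False), # 'issue ;' blocks all
    ("other.test", "other-ca.test", False),            # no CAA: cannot be flagged
]

if __name__ == "__main__":
    for finding in audit_issuances(ZONE, OBSERVED):
        print("CAA violation:", finding)
```

The last observation is the point of the exchange: a name with no CAA records produces no finding, because there is no policy to violate. CAA only constrains CAs that perform the lookup, and the answer they receive is only as trustworthy as the DNS path it arrives over, which is where the DNSSEC deployment mentioned earlier in the thread matters. Monitoring CT for issuances and comparing them with the policy you expect is the detection side; publishing the policy is the prevention side.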