It’s the assumption that “using trusted certificates from a certificate authority (CA) is airtight” that got DigiNotar and Comodo into some hot water this year. Because in reality, certificates – even those from a CA– are certainly not airtight. Here’s why.
Certificates used to authenticate an SSL connection allow for the certain identification of each party and for the negotiation of an encrypted channel for communication. The certificates themselves are files whose alteration can be easily detected and whose origin are verified by a trusted certificate authority, such as Comodo or VeriSign.
The web application developers use this trusted certificates model extensively when building their applications. The problem is that the CA can be spoofed. The Electronic Frontier Foundation staff technologist Peter Eckersley has a good, in-depth analysis of the revelation that Iranian hackers acquired fraudulent SSL certificates for Google, Yahoo, Mozilla and others by spoofing Comodo. CAs sell digitally signed certificates that browsers use to verify their network connections. But with these spoofed certificates, the hackers could undetectably impersonate Yahoo and Google (allowing them to read email even if it was being read over a secure connection). The Mozilla certificate would allow them to slip malicious spyware onto the computer of anyone installing a Firefox plug-in.
HTTPS and other SSL-using protocols (secure SMTP, POP, IMAP, Jabber and many, many others all build on SSL) still offer protection against casual snoopers. They’ll protect against the use of Firesheep in a hipster café just fine. But the trust and security promises that are implicit in the use of SSL, and which are depended on by many—to the extent that people literally bet their life on these protections—are promises that it cannot keep. The centralized trust model doesn’t work.