undefined | Better HN

0 pointsGigachad2mo ago0 comments

This is stopped by certificate transparency logs. Your software should refuse to accept a certificate which hasn’t been logged in the transparency logs, and if a rogue CA issues a fraudulent certificate, it will be detected.

0 comments

8 comments · 2 top-level

fc417fc8022mo ago· 4 in thread

I don't believe it's supposed to proactively check the logs as that would inevitably break in the presence of properly configured MITM middleboxes which are present on many (most?) corporate networks.

The point of the logs as I understand it is to surface events involving official CAs after the fact.

l2dy2mo ago

Clients are supposed to check. For example, Apple requires a varying number of SCTs in order for Safari to trust server certificates. https://support.apple.com/en-us/103214

And yes, it does break MITM use cases, for example on Chrome: https://httptoolkit.com/blog/chrome-android-certificate-tran...

fc417fc8022mo ago

So how does that work with middleboxes? Corporate isn't about to forgo egress security (nor should they).

I don't currently MITM my LAN but my general attitude is that if something won't accept my own root certificate from the store then it's broken, disrespecting my rights, and I want nothing to do with it. Trust decisions are up to me, not some third party.

1 more reply

Melatonic2mo ago

Corporate machines would have the proper certs pushed to them for the MITM box to work though - would that affect this ?

fc417fc8022mo ago

The entire point of transparency logs is to detect a cert issued by a different root CA despite both being trusted. The corporate MITM cert won't be present in the logs by design.

malmeloo2mo ago· 2 in thread

Certificate transparency doesn't prevent misissuance, it only makes detection easier after the fact. Someone still needs to be monitoring CT and revoke the cert. I actually believe most HTTP stacks on Android don't even check cert revocations by default.

GigachadOP2mo ago

I'm not too sure what the detection process is like, but being found to sign fraudulent certificates results in your CA being untrusted and is the end of your business. So it's not going to be done lightly even if there isn't automated systems to catch it instantly (which there likely are at least for major websites)

malmeloo2mo ago

The detection process basically boils down to 'server admins need to check CT themselves'. A CA also doesn't have to be malicious; a non-CA malicious actor could also exploit a vulnerability in the verification process of an honest CA. Depending on the severity of the situation that's unlikely to get them removed from the root stores.

Interesting example: last year Cloudflare found out that a CA had been (incorrectly) issuing certs for 1.1.1.1. They only found out 1.5 years after the first cert had been issued. The CA didn't do it with malicious intent, and as far as I know they're still in business. https://blog.cloudflare.com/unauthorized-issuance-of-certifi...

j / k navigate · click thread line to collapse

0 comments

8 comments · 2 top-level

fc417fc8022mo ago· 4 in thread

The point of the logs as I understand it is to surface events involving official CAs after the fact.

l2dy2mo ago

Clients are supposed to check. For example, Apple requires a varying number of SCTs in order for Safari to trust server certificates. https://support.apple.com/en-us/103214

And yes, it does break MITM use cases, for example on Chrome: https://httptoolkit.com/blog/chrome-android-certificate-tran...

fc417fc8022mo ago

So how does that work with middleboxes? Corporate isn't about to forgo egress security (nor should they).

1 more reply

Melatonic2mo ago

Corporate machines would have the proper certs pushed to them for the MITM box to work though - would that affect this ?

fc417fc8022mo ago

The entire point of transparency logs is to detect a cert issued by a different root CA despite both being trusted. The corporate MITM cert won't be present in the logs by design.

malmeloo2mo ago· 2 in thread

GigachadOP2mo ago

malmeloo2mo ago

j / k navigate · click thread line to collapse