SSL is supposed to protect web users by encrypting data. When it comes to trusting an SSL certificate, Web browsers rely on authoritative certificate authorities (CA) that validate the authenticity of a given SSL certificate.
But what happens when a CA issues a fraudulent SSL certificate?
This week, certificate authority DigiNotar was found to have issued a fraudulent SSL certificate for *.Google.com. The wildcard certificate could have enabled an attacker to spoof any HTTPS secured Google domain. Though advisories from browser vendors came out this week, DigiNotar admitted today that it has been aware of the issue for more than a month.
"On July 19th 2011, DigiNotar detected an intrusion into its Certificate Authority (CA) infrastructure, which resulted in the fraudulent issuance of public key certificate requests for a number of domains, including Google.com," DigiNotar's parent company Vasco said in a statement. "At that time, an external security audit concluded that all fraudulently issued certificates were revoked."https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
DigiNotar added they recently discovered that at least one fraudulent certificate had not been revoked at the time of they originally detected the fraudulent certificate issue. The failure of DigiNotar to effectively remove the invalid SSL certificate has led browser vendors to remove DigiNotar from the list of trusted certificate authorities.
"Microsoft has been able to confirm that one digital certificate affects all subdomains of google.com and may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer," Microsoft warned in an advisory. "As a precautionary measure, Microsoft has removed the DigiNotar root certificate from the Microsoft Certificate Trust List."
Mozilla has issued a similar advisory for users of Firefox. Mozilla is also going a step further and is set to release new versions of Firefox to help protect users. "Because the extent of the mis-issuance is not clear, we are releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13, and 6.0.1) and SeaMonkey (2.3.2) shortly that will revoke trust in the DigiNotar root and protect users from this attack," Mozilla said in its advisory.
The fraudulent SSL certificate issue is not a new one. A similar issue hit certificate authority Comodo earlier this year which triggered a similar response from browser vendors.
Aside from revoking invalid certificates and certificate authorities from browsers, there is another potential solution to the problem of SSL trust. At the Black Hat 2011 security conference security researcher Moxie Marlinspike launched a new SSL trust system to replace the CA model. Marlinspike's system is called Convergence.io and it makes it easier for browser users to control who they trust.
"Not a big surprise, but another rogue *.google.com SSL certificate has appeared in the wild," Marlinspike tweeted. "convergence.io users are not vulnerable."