
Mozilla Debates Whether To Trust Chinese CA

Posted by timothy
from the but-that-would-never-happen dept.
At his Freedom to Tinker blog, Ed Felten has a thoughtful, accessible piece on the debate at Mozilla about whether Firefox, by default, should trust a Chinese certificate authority (as it has since October). Felten explains in clear language why this is significant, and therefore controversial. An excerpt: "To see why this is worrisome, let's suppose, just for the sake of argument, that CNNIC were a puppet of the Chinese government. Then CNNIC's status as a trusted CA would give it the technical power to let the Chinese government spy on its citizens' 'secure' web connections. If a Chinese citizen tried to make a secure connection to Gmail, their connection could be directed to an impostor Gmail site run by the Chinese government, and CNNIC could give the impostor a cert saying that the government impostor was the real Gmail site."

  • Well in that case (Score:4, Insightful)

    by Monkeedude1212 (1560403) on Wednesday February 17, 2010 @06:05PM (#31176906) Journal

    Maybe I shouldn't trust the North American Certificates either, since I don't want my government spying on me either.

    As long as the Chinese CA only deals with China, I have no problems with it. Any of the certifying agencies could be puppets for anyone.

    • by Fantom42 (174630) on Wednesday February 17, 2010 @06:16PM (#31177056)

      Maybe I shouldn't trust the North American Certificates either, since I don't want my government spying on me either.

      As long as the Chinese CA only deals with China, I have no problems with it. Any of the certifying agencies could be puppets for anyone.

      I guess this is true, although considering the amount of malware coming out of China, and China's human rights record as compared to North American countries, I think there is reason not to equivocate about this.

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      Unless your nation has a track record of spying on its citizens' web traffic, then you have a much more unfounded claim.

      This should be default off, with an option to enable it. I certainly do not want to visit a site that has a trusted certificate whose root authority resides in China.

      • by Hatta (162192) on Wednesday February 17, 2010 @06:42PM (#31177430) Journal

        Unless your nation has a track record of spying on its citizens' web traffic, then you have a much more unfounded claim.

        You mean, like when the FBI put splitters [wired.com] into AT&T offices to monitor all the internet traffic going through them?

        Remember, any authority that can be abused will be abused. I wouldn't trust any certificate authority to protect me against the government.

        • Re: (Score:2, Interesting)

          by Anonymous Coward

          I don't think you should ever completely trust anyone you don't personally know. Hell, sometimes I even have problems with people I do know.

          That said, I'm sorry but the frequency, breadth and (most importantly) consequences of snooping and blocking of internet traffic by the US and Chinese governments on their respective populations are two ENORMOUSLY different things. Finding out that a US cert auth was in collusion with unwarranted snooping on US traffic would be a serious scandal. It'd be more like bu

        • by theshowmecanuck (703852) on Wednesday February 17, 2010 @07:43PM (#31178242) Journal

          I tend to agree that the U.S. government... the Bush government, and now the Obama government; which doesn't seem to mind what Bush put in place in this regard... has pretty much shot themselves in the foot when it comes to whether we should trust them or not with our privacy. Even going so far as ignoring the constitution.

          On the other hand, the Chinese government is still an autocratic entity that frequently jails people for expressing their opinions. As bad as what the FBI has done, I am not convinced that they have abused the spirit of the constitution enough to equal what China frequently does to its own people. My first inclination is that I would say to not trust Chinese CA's. And for those who think they only apply to the Chinese themselves, you have your head in the sand at the Walmart Beach Resort. So much of our stuff comes out of China; and many companies' web sites for support and such are hosted there now. What happens if you log in with https? I think we give China too much already. Granted with all the offshoring scumbag companies out there, my bank account info is probably on servers over there already, but why help more?

          • Re:Well in that case (Score:5, Informative)

            by theshowmecanuck (703852) on Wednesday February 17, 2010 @09:27PM (#31179062) Journal

            And I forgot to add that I disagree with the OP's sig that patriotism is bigotry. While I am not a big fan of deGaulle (let's just say I would have preferred we left him in Dunkirk [wikipedia.org] when the Germans arrived), proving the "exception to the rule" rule, he said one smart thing:

            "Patriotism is when love of your own people comes first; nationalism, when hate for people other than your own comes first." -deGaulle

            Nationalism is bigotry. Nationalism leads to ethnic cleansing, even in the form of language [www.ctv.ca] laws [wikipedia.org]. The statement is true even though it is completely at odds with his bullshit behaviour in Quebec in 1967 where he supported nationalism (and stuck his nose in Canada's affairs... and pissed off enough people that he had to fly home early leaving the ship he came in to sail home without him... and earning him the status of "rectum non grata" in Canada).

        • Re: (Score:3, Informative)

          by SpaceLifeForm (228190)
          That was NSA, not the FBI.

          Link [arstechnica.com]

        • Jeepers...talk about paranoia. Those splitters weren't put in for spying on U.S. citizens; they're only there to intercept the results from electronic voting machines and modify them according to specifications from a@#$$$R6a54@##

          • 010331125024 3-Critical H501.4 HFC: LOST TRC SYNC- trying to recover
          • ************ 3-Critical H501.9 HFC: T1 Timer Expired
          • ************ 3-Critical H501.7 HFC: T2 Timer Expired
          • ************ 2-Alert T507.0 Received Async Error Range Failed
          • ************ 3-Critical
      • by msauve (701917)

        Unless your nation has a track record of spying on its citizens web traffic

        Who did you have in mind that doesn't fit that description? I'm having a hard time thinking of anyone.

        The original point was valid. Perhaps it's time to change the cert infrastructure so that two geographically and politically disparate authorities must sign them.

        Or, maybe get rid of "authorities" altogether, and move to a global "web of trust," a la GPG. Forget that, I don't think I want to trust a cert just because it's accepted by 1,400,000,000 Chinese.

    • Re: (Score:3, Interesting)

      by mewsenews (251487)

      Remember "hackers" got a hold of signed Microsoft.com certs that would be INCREDIBLY useful for a MITM attack? Which registrar let that happen, again? Clearly they didn't do it deliberately..

      Also remember back in the early days of the Internet *cough October 2009 cough cough* when certificates could be forged for any browser using MSIE's SSL library [theregister.co.uk]?

      If the Chinese registry starts publishing bogus certs we can just blacklist them and it will all be a failed experiment in diplomacy.

    • Re:Well in that case (Score:5, Interesting)

      by Anonymous Coward on Wednesday February 17, 2010 @06:28PM (#31177218)

      Precisely. It's not exactly a subtle way of snooping, either. Anyone technically competent could see that the SSL has been changed.

      A better way for the browsers to make things like this secure would be to remember the first SSL they received from the site and notify once that changes - similar to SSH. Yes it would be a PITA for them to implement, but once it's done, that's it, security went up a bit.

      • Re: (Score:3, Insightful)

        by broken_chaos (1188549)

        A better way for the browsers to make things like this secure would be to remember the first SSL they received from the site and notify once that changes - similar to SSH.

        Good idea, but it won't help much, overall. You'd either have users complaining that "My favourite site just broke!" (when it didn't) every one to three years (on average -- when the current certificate expires), or you'd have to implement it in such an unobtrusive way that the average user wouldn't even notice.

        If it did what Firefox currently does for an invalid certificate, for example, it would confuse and scare users to have them load up PayPal this coming April 1st (yes, that's really the expiry date f

        • by Reece400 (584378)
          Maybe set the default to only notify users if it changes before the previous cert is set to expire?
    • by chill (34294) on Wednesday February 17, 2010 @06:59PM (#31177740) Journal

      As long as the Chinese CA only deals with China, I have no problems with it.

      And you know that, how?

      With built-in root certificates, they are automatically trusted. Unless you're examining the entire cert chain of every SSL/TLS site you access, you have no idea which trusted root signed the vendor's certificate.
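The point in the post above is easy to check mechanically but almost never surfaced to the user: which trust anchor is actually behind a given site. The following is an added example (it is not Firefox code and not any poster's) that walks a chain from the leaf to its root and reports whether that root is one the user chose to trust rather than merely one the browser bundles. Certificates are modelled as constructed dicts holding only `subject` and `issuer` names, not parsed X.509; all site and CA names are made up.

```python
"""Which root actually vouches for a site?

Added example (not Mozilla/Firefox code, not any poster's).  Certificates
are constructed dicts carrying only 'subject' and 'issuer' names, not
parsed X.509, so the example runs offline.
"""
from typing import Dict, Optional, Sequence, Set, Tuple

Cert = Dict[str, str]  # {'subject': ..., 'issuer': ...} (constructed, simplified)


def anchor_root(chain: Sequence[Cert], root_store: Dict[str, Cert]) -> Optional[Cert]:
    """Follow issuer names from the leaf upward to a self-signed root.

    Intermediates come from the chain the server sent; the root usually is
    not sent and has to be found in the local store (keyed by subject).
    Returns None when a link is missing or the chain loops, i.e. when no
    trust anchor can be identified at all.
    """
    by_subject = {c["subject"]: c for c in chain}
    current = chain[0]
    seen: Set[str] = set()
    while current["subject"] != current["issuer"]:
        if current["subject"] in seen:
            return None  # cycle: malformed chain
        seen.add(current["subject"])
        issuer = current["issuer"]
        nxt = by_subject.get(issuer) or root_store.get(issuer)
        if nxt is None:
            return None  # issuer neither sent by the server nor known locally
        current = nxt
    return current


def describe_anchor(site: str, chain: Sequence[Cert], root_store: Dict[str, Cert],
                    user_trusted: Set[str]) -> Tuple[str, Optional[str], bool]:
    """(site, root subject or None, whether that root is one the user chose to trust)."""
    root = anchor_root(chain, root_store)
    if root is None:
        return (site, None, False)
    return (site, root["subject"], root["subject"] in user_trusted)


def demo() -> list:
    """Three constructed sites: one on a root the user enabled, one on a
    built-in root the user did not enable, one with an incomplete chain."""
    root_a = {"subject": "CN=Root CA A", "issuer": "CN=Root CA A"}
    root_b = {"subject": "CN=Root CA B", "issuer": "CN=Root CA B"}
    built_in = {c["subject"]: c for c in (root_a, root_b)}  # the browser's bundle
    user_trusted = {"CN=Root CA A"}  # the user deliberately enabled only A

    chains = {
        "shop.example": [
            {"subject": "CN=shop.example", "issuer": "CN=Intermediate A1"},
            {"subject": "CN=Intermediate A1", "issuer": "CN=Root CA A"},
        ],
        "support.example": [
            {"subject": "CN=support.example", "issuer": "CN=Intermediate B7"},
            {"subject": "CN=Intermediate B7", "issuer": "CN=Root CA B"},
        ],
        "broken.example": [
            {"subject": "CN=broken.example", "issuer": "CN=Intermediate Z"},
        ],
    }
    return [describe_anchor(site, chain, built_in, user_trusted)
            for site, chain in chains.items()]


if __name__ == "__main__":
    for site, root, ok in demo():
        print(f"{site}: anchored on {root or 'no identifiable root'}"
              f"{' (user-trusted)' if ok else ' (NOT in your trusted set)'}")
```

The `support.example` case is the one the post warns about: the chain validates fine against the bundled store, yet the root behind it is not one the user ever consciously accepted. Only by walking the chain does that become visible.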

  • I wonder... (Score:2, Interesting)

    by eexaa (1252378)

    Seriously, shouldn't all users manage their certificate trust themselves?

    If they aren't capable of doing so, are they capable of actually _having_ their things secure?

    • Re:I wonder... (Score:5, Insightful)

      by Sir_Sri (199544) on Wednesday February 17, 2010 @06:17PM (#31177080)

      No, they aren't. Which is the problem. The average user probably doesn't know what a security certificate is, let alone when you should, or should not trust one. That's why we have experts debating which ones to actually trust on their behalf.

      Half the first year students we have in computer science courses can't navigate to a directory (note that these are generally not core comp sci students, but taking a course on say how to use photoshop), let alone figure out what a security certificate is. That's why we need experts to design systems which are inherently as secure as is legally possible in the first place.

      • by steelfood (895457)

        design systems which are inherently as secure as is possible

        Fixed that for ya.

    • by Chirs (87576)

      How do I know that the server on the other end is who they say they are? Without a trusted authority, I would need to manually verify (via some other trusted form of communication) each certificate.

      As long as I rely on *any* central authority, I'm dependent on that authority to remain neutral.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      No. They're not capable of securing their own things. I'm not talking about the 'average' user, who may be somewhat competent, but the 'below average' user who falls for phishing schemes and virus attacks. If a 'below average' or even an 'average' user somehow learns that they need to add CAs to their browser to view certain sites then SSL will be completely and thoroughly broken and useless. Incidentally, clicking on a link to a .pem file makes it worryingly easy to add a CA in Firefox.

      But that doesn'

      • CAcert ? (Score:2, Informative)

        by Antiocheian (859870)

        I'll ask you the same question I asked CAcert some years ago: "who is going to take responsibility, and what is he going to lose, if your security is compromised ?"

  • It's OSS (Score:5, Insightful)

    by Anonymous Coward on Wednesday February 17, 2010 @06:08PM (#31176946)

    Firefox is Open Source. Let the Chinese build their own version of Firefox and see who trusts them to use it.

  • No. HELL No. (Score:5, Insightful)

    by Anonymous Coward on Wednesday February 17, 2010 @06:10PM (#31176974)

    Why should Mozilla take a chance at this? If someone wants this CA, it is trivial to manually add it to Mozilla's certificates. However, including it will mean that Mozilla's rep is now tied to the Chinese government, and should someone misuse the CA key, it will mean that if China starts another offensive on compromising Western systems, the Mozilla foundation is guilty of espionage by proxy.

    Physical car analogy: A car dealership giving a master key to every vehicle to a group of people who have been noted in the past for car theft.

    • However, including it will mean that Mozilla's rep is now tied to the Chinese government, and should someone misuse the CA key, it will mean that if China starts another offensive on compromising Western systems, the Mozilla foundation is guilty of espionage by proxy.

      I'm sorry, but Mozilla trusting any given CA does not make them guilty of a single thing, let alone espionage.

      Physical car analogy: A car dealership giving a master key to every vehicle to a group of people who have been noted in the past for car theft.

      Yeah, you wouldn't be able to say that the dealership is guilty of theft if the people they gave the key to steal the cars. The people stealing the cars are the ones who are guilty.

    • by Hatta (162192)

      You could say the same about any certificate authority. What reason do we have to believe that any CA is not compromised by the NSA?

      If you want to protect yourself against the government, you cannot trust any third party. Exchange your keys manually, in person.

    • by Colin Smith (2679)

      this is true of any and all CAs.

    • Agreed, besides governments are not all created equal. If you want to buy a government bond for instance, you check its credit rating first. Countries/States/Counties/Cities all have them. As a professional, it's your duty to do your due diligence if other people are relying on your decision to make their decision.

      In the case of China, it's not really a big deal anyway. If they really want to use their own certificates, they'll just mirror the source from mozilla/firefox, and distribute their slightly dif

  • by Fantom42 (174630) on Wednesday February 17, 2010 @06:13PM (#31177008)

    Just make it a configuration option, default NO.

    Yeah, it's not the most elegant solution, but welcome to the real world guys.

    • by drinkypoo (153816) <martin.espinoza@gmail.com> on Wednesday February 17, 2010 @06:29PM (#31177232) Homepage Journal

      While we're at it, can we get a paranoid install option that disables ALL CAs by default, and requires you to enable each in turn? Maybe I don't trust Verisign, and would like to pass/fail all certs on an individual basis.

      • by natehoy (1608657) on Wednesday February 17, 2010 @06:38PM (#31177358) Journal

        All you have to do is click your heels together three times, and repeat after me.

        There's no place like Options / Advanced / Encryption / View Certificates / Authorities / (use mouse to select all) / DELETE.
        There's no place like Options / Advanced / Encryption / View Certificates / Authorities / (use mouse to select all) / DELETE.
        There's no place like Options / Advanced / Encryption / View Certificates / Authorities / (use mouse to select all) / DELETE. ...

      • by jrumney (197329)
        Years ago, when I first noticed the growing proliferation of CAs in Netscape's default set, I tried disabling them all, then enabling only the ones which clearly referenced a valid URL describing their certification policy. Starting with about 80, I ended up with 5 certificates installed, 2 of which were already expired.
    • Re: (Score:3, Informative)

      by natehoy (1608657)

      This already IS a configuration option with a default "no". If a CA does not appear on the list (Options / Advanced / Encryption / View Certificates / Authorities) you will be asked when you first encounter a certificate registered with that CA. You can then choose to "Trust this once", "Trust always", or "Do not trust" (the actual text of the options may vary).

      Firefox is debating whether to add it as an entry in a user-configurable list. Obviously, your answer is "no, don't". :)

    • That's not a practical option.

      What would be reasonable would be to dedicate more screen space to certificate information. Make sure the users see exactly who signed a cert, and exactly which site the certificate is assigned to.

    • by Vahokif (1292866)
      It IS a configuration option. The question is whether it should be on by default.
  • by Bogtha (906264) on Wednesday February 17, 2010 @06:16PM (#31177052)

    If the Chinese CA were stupid enough to actually perform this attack, it would be easy to gain incontrovertible evidence of their spying, as the hijacked responses would all be digitally signed with their signature.

    • AIUI, the Chinese openly admit to interfering with their citizens' Internet access.
    • Re: (Score:3, Insightful)

      by wvmarle (1070040)

      Even worse for the CA (and that is imho the main reason we can trust a CA, Chinese or American or where-ever it is from) is that if this trust is breached it is breached forever. There is a lot to lose by losing that trust, and little to gain (in the long term).

  • Now if only there was a way for anybody to start a certificate authority and to issue certificates, and for the users to decide for themselves which certificate authorities they trust.

    • How would that work? Even expert users can't easily know that an arbitrary CA follows a set of rules unless they are audited, and that's what the current process gives you (CNNIC passed the audits).
  • China (Score:3, Insightful)

    by wisnoskij (1206448) on Wednesday February 17, 2010 @06:33PM (#31177298) Homepage
    China has been getting a lot of flak recently, and from how I understand it deservedly.
    If they have done some stuff that is damning enough for companies like Google and Firefox to risk alienating such a huge market, then how can you trust anything that comes from them?
    • Re: (Score:3, Insightful)

      Why do we hate them, now? Because they may have broken into Gmail? Because we don't like the government system they have for themselves, on the other side of the world? Because the people don't view their government as their enemy? Because they don't share the same ideas about human rights that we do? Is that really a good reason to hate another country? It seems like Slashdot has so much venom and hatred for China just in recent months. I wonder how many Slashdotters have actually visited China?

      As I see i
  • There is no good definition of exactly what you're trusting them with, no good independent verification that their trustworthiness is deserved, and as far as I know, no legal recourse if it isn't.

    I consider the whole CA system to be fundamentally broken. But a new system would be so significantly different in both character and detail that I don't know how it could ever happen. UIs would have to be redesigned. Crypto geeks would have to start thinking about usability. I think the world would have to end first.

    But I consider this to be one of the reasons the concept is broken.

    In my opinion, as a half-baked measure that moves a little in the right direction, browsers would do better to just download the certificate from the website, and then warn you if the certificate ever changed when you went back to a website that claimed the same identity. Then you'd have to trust a CA at most once.

    • > In my opinion, as a half-baked measure that moves a little in the right direction, browsers would do better to just
      > download the certificate from the website, and then warn you if the certificate ever changed when you went back to a
      > website that claimed the same identity. Then you'd have to trust a CA at most once.
      This is indeed the correct approach. Though I'd also appreciate an option for "I don't care" in the current mozilla, when I just want to read a page that won't let me access it throug

    • In my opinion, as a half-baked measure that moves a little in the right direction, browsers would do better to just download the certificate from the website, and then warn you if the certificate ever changed when you went back to a website that claimed the same identity.

      Aren't certificates normally not-permanent? So wouldn't this usually occur? I suppose you could just do it within the life of the original cert...

      OTOH, if you are willing to assume that your initial connection is secure and that you trust t
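The "remember the first certificate, like SSH" proposal comes up twice in this thread (the Anonymous Coward post scored Informative above, with the replies about expiry dates, and the posts just above about trusting a CA at most once), and the objection each time is the same: certificates are renewed every year or three, so a naive pin would warn on every legitimate renewal. The following added example (not Firefox code and not any poster's) implements the refinement one reply suggests: a changed certificate is only treated as suspicious if the previously pinned one still had plenty of validity left. The 30-day renewal window, the certificate model and all names and dates are this example's own assumptions; certificates are a simplified dataclass rather than parsed X.509.

```python
"""Trust-on-first-use (TOFU) certificate memory with expiry awareness.

Added example (not Mozilla code and not any poster's).  Certificates are
modelled as a constructed dataclass, not parsed X.509, so the example runs
offline without a TLS library.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List


@dataclass(frozen=True)
class CertSummary:
    """Just the fields the pinning decision needs (constructed, simplified)."""
    fingerprint: str  # hex SHA-256 of the DER certificate
    issuer: str       # the CA that signed it
    not_before: date
    not_after: date


# Renewals normally happen shortly before expiry, so a change inside this
# window counts as expected rotation.  30 days is this example's assumption.
RENEWAL_WINDOW = timedelta(days=30)


class PinStore:
    """Remembers the first certificate seen per host (the TOFU leap of faith)."""

    def __init__(self) -> None:
        self._pins: Dict[str, CertSummary] = {}

    def observe(self, host: str, cert: CertSummary, today: date) -> str:
        """Classify the certificate `host` presented today.

        'first_seen'     no pin yet: record it and trust it
        'unchanged'      same fingerprint as the pin
        'rotated'        new cert, old one expired or inside the renewal window, same CA
        'rotated_new_ca' same timing, but a different CA signed the new cert
        'changed_early'  new cert while the old one had plenty of life left: warn,
                         and keep the old pin until the user decides
        """
        pinned = self._pins.get(host)
        if pinned is None:
            self._pins[host] = cert
            return "first_seen"
        if pinned.fingerprint == cert.fingerprint:
            return "unchanged"
        expected_rotation = today >= pinned.not_after - RENEWAL_WINDOW
        if not expected_rotation:
            return "changed_early"  # pin deliberately not overwritten
        self._pins[host] = cert
        return "rotated" if cert.issuer == pinned.issuer else "rotated_new_ca"


def demo() -> List[str]:
    """One host through a suspicious early swap and then a routine renewal,
    a second host renewed on time but under a different CA.  All data constructed."""
    store = PinStore()
    ca_a, ca_b = "CN=Example CA A", "CN=Example CA B"
    old = CertSummary("aa" * 32, ca_a, date(2009, 3, 1), date(2010, 4, 1))
    renewed = CertSummary("bb" * 32, ca_a, date(2010, 3, 10), date(2011, 4, 1))
    swapped = CertSummary("cc" * 32, ca_b, date(2010, 2, 15), date(2011, 2, 15))
    return [
        store.observe("mail.example", old, date(2009, 6, 1)),        # first_seen
        store.observe("mail.example", old, date(2009, 12, 1)),       # unchanged
        store.observe("mail.example", swapped, date(2010, 2, 17)),   # changed_early: old cert valid until April
        store.observe("mail.example", renewed, date(2010, 3, 15)),   # rotated: within 30 days of expiry, same CA
        store.observe("mail.example", renewed, date(2010, 5, 1)),    # unchanged
        store.observe("bank.example", old, date(2009, 6, 1)),        # first_seen
        store.observe("bank.example", swapped, date(2010, 4, 5)),    # rotated_new_ca: on time, different issuer
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The early swap in February is the case the thread worries about: a different certificate, from a different CA, appearing while the pinned one still had six weeks to run. The same new certificate arriving inside the renewal window is accepted quietly, which is what keeps the scheme from training users to click through warnings.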

  • by Angst Badger (8636) on Wednesday February 17, 2010 @06:53PM (#31177644)

    ...but maybe the takeaway lesson from this whole affair is that it is impossible to remain ethical while knowingly doing business with an entity you know to be deeply corrupt. Sooner or later, you will find yourself faced with situations in which you directly or indirectly become party to unethical acts.

    This is hardly limited to Google. We all help pay the salaries of the oppressive Chinese regime from the politburo on down to the prison camp guards every time we buy Chinese goods.

  • To me, it's simple. Trust is something that should be granted by the user. A browser distribution may well include certificates for various CAs as a convenience, but generally shouldn't include any of them as trusted by default. There should be an option for the user to designate bundled CA certs (or ones obtained elsewhere) as trusted, and installers could even include an option to enable them in the install procedure.

    • A browser distribution may well include certificates for various CA's as a convenience

      Mozilla gets finicky if you toy with Firefox too much and still call it Firefox. If Linux distros did that, they'd risk being forced to move to Iceweasel. Not a HUGE deal, but nonetheless - they can't technically do as you propose. Security-focused distros may want to do so, however.

      More relevant, however, is the fact that most Firefox users don't use "distros" but get the raw executable installer from the website (or a friend's usb holding the same file, etc). The vast, vast majority of these users

  • Wow, just wow. (Score:2, Informative)

    by yttrstein (891553)
    The authenticity of certs no longer matters, and I'm frankly astonished that neither Mozilla nor Slashdot has ever heard of SSL taps, an *enormous number* of which are currently active in Chinese public networks.

    It's a man-in-the-middle thing, and I run them at work. They're very easy to configure, and if you really know what you're doing, you can "legitimately" fake the identity of any cert you want, and every single byte of your traffic is sniffable to whoever runs the tap.
  • After the security researchers were able to get a rogue CA issued by RapidSSL by exploiting an MD5 collision and the predictable sequence number generation, I wish at least some of the major browsers would have revoked that compromised root CA. Despite the fact that any attacker could have gotten their own intermediate CA undetected before the exploit was published, no one bothered to remove their implicit trust of the root CA.
  • by LifesABeach (234436) on Wednesday February 17, 2010 @07:58PM (#31178414)
    "Trust, but verify." - President Reagan
  • Go back to Peking (Score:2, Insightful)

    by buffalo3198 (1747956)
    You nerds talk like the Chinese give a damn about what you want. The Chinese government is not to be trusted, ever! How many times over the last two years has something happened in China regarding the Net where their only response was a Bart Simpson's "it wasn't me", to an outright cyber-attack by organs of their government. Chairman Mao is still alive and well in the hearts of those old men who run China. Don't trust them.
  • Trust is a mistake (Score:3, Interesting)

    by mlwmohawk (801821) on Wednesday February 17, 2010 @11:48PM (#31180066)

    While I can go down the rat hole of an endless paranoia, the fact is that every time you connect to a site, there needs to be a separate path by which you can authenticate the certificate for a site with peer review. Perhaps even an old fashioned phone call. Here's my organization's Md5HASH; if you don't get the same number, call for support.

    The reality is that we only need a handful of trusted sites, credit card, bank accounts, etc. The browser should be able to link a specific cert and authority to a specific site.

    I never thought the idea of "corporations" being trusted was a good one

  • by jroysdon (201893) on Wednesday February 17, 2010 @11:59PM (#31180130) Homepage

    SSL CA authority needs to be tied to domain hierarchy.

    This sort of domain-based CA should be installable via DNS, and DNSSEC [roysdon.net] should continue to be rolled out, all the way to the client (browsers should have methods to verify root DNSSEC, and follow the chain).

    With SSL based on domain hierarchy, you need to know only the root DNS server's DNSSEC key. Everything else flows down from that.

    Then CNNIC would only control .CN. The US Gov would theoretically only control .US, .GOV, .EDU. .COM, .NET, .ORG should be run by (as much as I hate to say it) the UN.

    I already put SSH key fingerprints [roysdon.net] in my DNS and verify with DNSSEC-enabled openssh/bind-resolvers. SSL and/or SSL fingerprints could easily be done, if not just the entire CA public key.
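The post above proposes publishing certificate fingerprints in DNS and relying on DNSSEC to protect them, as it already does for SSH keys. That idea was later standardized as the DANE TLSA record (RFC 6698, 2012). The following is an added example, not the poster's code, that parses a TLSA-style record in its textual form (`usage selector matching-type hex-data`) and decides whether a presented certificate matches it. It implements only usage 3 (match the end-entity certificate itself); the certificate and public-key bytes are constructed stand-ins rather than real DER, and whether the DNS answer was DNSSEC-validated is passed in as a flag because no resolver is involved.

```python
"""Match a server certificate against a fingerprint published in DNS.

Added example following the TLSA record shape of RFC 6698; not the
poster's code.  Certificate bytes and records below are constructed.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict


@dataclass(frozen=True)
class TlsaRecord:
    usage: int          # 3 = match the end-entity certificate itself (DANE-EE)
    selector: int       # 0 = full certificate; 1 = SubjectPublicKeyInfo only
    matching_type: int  # 0 = raw data; 1 = SHA-256; 2 = SHA-512
    data: bytes


def parse_tlsa(presentation: str) -> TlsaRecord:
    """Parse the textual form, e.g. '3 0 1 <hex digest>' (hex may be space-wrapped)."""
    usage, selector, mtype, hexdata = presentation.split(None, 3)
    return TlsaRecord(int(usage), int(selector), int(mtype),
                      bytes.fromhex(hexdata.replace(" ", "")))


def digest(data: bytes, matching_type: int) -> bytes:
    """Reduce the selected certificate bytes the way the record's matching type says."""
    if matching_type == 0:
        return data
    if matching_type == 1:
        return hashlib.sha256(data).digest()
    if matching_type == 2:
        return hashlib.sha512(data).digest()
    raise ValueError(f"unknown TLSA matching type {matching_type}")


def cert_matches(record: TlsaRecord, cert_der: bytes, spki_der: bytes,
                 dnssec_validated: bool) -> bool:
    """True only if the record was DNSSEC-validated AND the selected bytes match.

    An unsigned answer proves nothing: anyone able to spoof DNS could publish
    a fingerprint for a certificate of their own, so it is refused outright.
    """
    if not dnssec_validated:
        return False
    if record.usage != 3:
        return False  # CA-constraint usages need PKIX validation too; not modelled here
    selected = cert_der if record.selector == 0 else spki_der
    return hmac.compare_digest(digest(selected, record.matching_type), record.data)


def demo() -> Dict[str, bool]:
    """Constructed certificate bytes checked against three constructed records."""
    cert_der = b"constructed-der-bytes-for-mail.example"  # stands in for a real DER certificate
    spki_der = b"constructed-spki-bytes"                  # stands in for its SubjectPublicKeyInfo
    current = parse_tlsa("3 0 1 " + hashlib.sha256(cert_der).hexdigest())
    stale = parse_tlsa("3 0 1 " + hashlib.sha256(b"previous-certificate").hexdigest())
    by_key = parse_tlsa("3 1 2 " + hashlib.sha512(spki_der).hexdigest())
    return {
        "signed_match": cert_matches(current, cert_der, spki_der, True),
        "unsigned_match": cert_matches(current, cert_der, spki_der, False),
        "signed_stale_record": cert_matches(stale, cert_der, spki_der, True),
        "signed_spki_sha512": cert_matches(by_key, cert_der, spki_der, True),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accept' if ok else 'reject'}")
```

Selector 1 (match the public key rather than the whole certificate) is what lets a site renew its certificate without touching its DNS record, which ties back to the renewal objection raised earlier in the thread against pinning whole certificates.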