Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

Thawte Protects The World From Crypto 179

nutsaq writes: "Thawte.com, a South African Certificate Authority, in a move of astonishing wrong-headedness, has inexplicably changed it's developer certificate policy. To quote from the site: 'Due to current world circumstances developer certificates can no longer be issued to individuals.'Sucks to be working with crypto these days. Apparently I'll get no help from Thawte to encrypt stuff, oh wait, I didn't need it, the browsers did."
This discussion has been archived. No new comments can be posted.

Thawte Protects The World From Crypto

Comments Filter:
  • corporations (Score:1, Insightful)

    by polar red ( 215081 )
    Are they only giving out certificates to corps then ? What an improvement ! This means that corporations again gain power over individuals.
  • Crypto is now one of those 6 letter words better left unsaid in public!

    Something else will come along... if that doesn't work, just form a Limited Partnership or some other 'legal' low risk corp.... ;)
    • Setting up a limated company is very easy in the UK.

      Any half decent accountant should be able to do this for about 150 - 200 UKP
      • Setting up a limated company is very easy in the UK.
        Someone has been advertising its services lately on radio for setting up a Nevada corporation...under $400 is supposed to do everything needed. I understand that there's lots of similar activity in Delaware as well.

        Having to form a corporation (or some other business structure) raises the bar for getting a digital certificate from these clowns slightly, but not by much. It's probably not a bad idea anyway...if $MEGACORP decides it doesn't like your software/website/whatever, they go after your corporation instead of you personally. If you defeat them on their terms, great. If not, at least you aren't wiped out.

  • On my first project that required crypto, I tested solutions from multiple vendors, including Thawte, before I made a final decision with the companies checkbook. Not making cert's available to individuals will only hurt them when developers want to experiment with their technology first.
  • Like the rest of the world , its only a matter of time before big companys rule things... and individuals are kept out... with systems like this...

    its only the first step...
  • Well, first of all (Score:3, Interesting)

    by friday2k ( 205692 ) on Monday October 29, 2001 @06:43AM (#2492004)
    This is about signing certificates, nothing with "oops, my browser encrypted" bla. This is a very interesting move, that I cannot quite follow. Why in the world would you only limit signing certificates and blame it on the "world". Excuse me? I mean if it was about global server IDs, strong encrpytion, etc. I might find some reasons in current events to limit the distribution. But code signing certs? Quote from the Site: "Your customers can be confident that a Thawte Developer Certificate will guarantee that your code remains tamper proof, and that the content originated from the source on the certificate. Important Notice:
    Due to current world circumstances developer certificates can no longer be issued to individuals." Or am I totally missing the point here (probably too late here on Pacific Time)

    • I'm no crypto expert, but my guess is that they would want to minimize the risk of an individual acquiring a certificate in a bogus name, creating a virus or something and then signing the virus code with the cert - thus making it appear more valid and getting it to run on more boxes.

      This assumes that Thawte's background checks (if any) are more rigorous for corporations than individuals which I have no idea if they are. If so, it would probably make more sense for them to increase the checking for an individual requesting a certificate (if this is possible) than blocking them completely.

      • that someone already cracked their system and there are bogus personal certs out there now but to say that would RUIN Thawte. I have a personal cert from them but I've given up using it in general.
      • I'm no crypto expert, but my guess is that they would want to minimize the risk of an individual acquiring a certificate in a bogus name, creating a virus or something and then signing the virus code with the cert - thus making it appear more valid

        In other words, you claim Thawte has restricted granting code signing certificates to avoid another debacle like this [slashdot.org] where Verisign granted a certificate to "Microsoft Corporation".

    • People tend to believe that if they trust Thawte, they can trust code signed with a Thawte-certified key. This is of course not true, because trust is not transitive.

      My guess is that Thawte wants to ensure only trustworthy people/companies get Thawte certificates, and apparently they think that companies are always trustworthy, while individuals are not.

      • Looks that way - pity Bin Laden has got interests in quite a few companies dotted around the world...

        Thawte : "What, really?"
        Person : "Yeah, really!"
        Thawte : " Oh my GAWD! Can't even trust companies now!!!"
        Thawte : "We've close dofr business. Goodbye!"
      • "because trust is not transitive"

        Trust "is" not transitive? Surely the definition of trust differs from person to person? Its like that old chestnut "my enemies enemy is my friend" which gets treated as if it was passed down from God himself, rather than just being a bunch of crap.
  • by wangi ( 16741 ) on Monday October 29, 2001 @06:46AM (#2492010) Homepage
    While they might be based in South Africa they're just a sub-division of Verisign now (and for a while):
    So I wonder what Verisign will be doing...

    • Maybe I'm ill-informed then, but it looks like there are really only a few certificate roots world-wide. If Thawte is really a sub-division of Versign, this would reduce the number of roots even further. Would be cool if there would be a free -- but trustable -- root as well. Maybe an institution like SourceForge could provide this as a service!
      • It cannot be free because to be trustable you have to check real world IDs, certificates, etc... this paperworks need to be done by someone and I doubt that someone will want to do it for free. Paperworks is not as fun as hacking the kernel !
        • If you use GnuPG [gnupg.org] (GPG) - you can create your own circle of trust.

          You sign your own certificates (verifying them over the phone or through some other means) and then you in turn publish your keys to open key servers around the world.

          The more places your identity exists the harder it is for someone to steal it - that is why Slashdot allows you to put your public key into your account (you can see the box for it just below the signature box)

          The key servers are run mostly by institutions around the world (I think Stanford is a main hub here in the US) - they basically hold a bunch of public keys that have been signed.

          So this story isn't a big deal for jo shmoe because if you need to securely transfer something from yourself to someone else you can do that for free using GPG.

          So let the companies have their closed ring of trust and you can create your own.

          Derek
      • Thawte and Verisign have different root certs. Verisign bought Thawte out, but since that, Thawte's certificates have still been a lot cheaper than Verisign's for exactly the same thing.

        I guess now Verisign thinks everyone has forgotten, so they are pulling Thawte's certificates off the market, to force people to pay the higher price for Verisign.
  • Wait a second... (Score:5, Insightful)

    by weez75 ( 34298 ) on Monday October 29, 2001 @06:49AM (#2492013) Homepage
    Before we claim another atrocity forced upon the "little guy" let's take a look at the situation. Thawte is not the only provider of certificates out there. There are others and if individuals demand the ability to work with crypto (as they will) someone will provide the service.

    Thawte is not Microsoft. They cannot strongarm other businesses, let alone individuals, into working just how they see fit. There's no chance for Thawte to rule the world.

    So before everyone gets all up in arms realize that all you have to do to correct the situation is not use Thawte for anything until they reverse their stance or simply use another certificate provider. Write a nice email and let them know why you don't agree with them and move on. This isn't a crisis...
    • Yes, but you should note that Thawte is owned by Verisign. If this is an indication of what Verisign might do in the future then we could all be impacted.
    • by Insount ( 11174 ) <slashdot2eran&tromer,org> on Monday October 29, 2001 @08:46AM (#2492191) Homepage
      To get your code to run on popular browsers, you need a certiticate (key pair plus some data) issued by a certificate authority that is available in all popular browsers. Otherwise, your users will get security warning popups to the tune of:
      This applet is signed using a certificate that was issued by an untrusted certificate authority. Run anyway?
      As a developer, you can't afford that.

      Thawte is one of the few certificate authorities that are in the default installation of all popular browsers. VeriSign is another, and in fact I can't recall any other common CA that's catering to the general public.

      The upshot is that VeriSign, which now owns Thawte, has a monopoly on code signing certificates for browsers. They're giving the appearance of competition by selling "lucrative" certs under the VeriSign brand and "economy" certs under the Thawte brand, but technically it's the same product. This is why they can charge $200 for 1-year Thawte certificate, and more for a VeriSign cert, even though effort involved is trivial. It's just like things used to be with domain registration and Network Solutions (which VeriSign also owns now). I don't believe potential liability issues would prevent this price from dropping significantly in the presence of other players.

      Given this, the change in Thawte's policy is quite disturbing.

    • Re:Wait a second... (Score:2, Informative)

      by jrumney ( 197329 )
      Thawte is not the only provider of certificates out there.


      True. IE 5.5 contains a list of 100 root CAs. Of these, 3 have certificates that had expired before IE 5.5 was even released. 93 of the others do not have an Issuer Statement, so we just have to trust them blindly. Of the 4 root CAs that have an Issuer Statement, 3 give 404 errors. The remaining one takes you to a page where you can download a potentially virus carrying MS Word document in Italian.


      • Re:Wait a second... (Score:2, Informative)

        by Conare ( 442798 )
        A CA's trust should be judged by the Certificate Policy, not the Issuer Statement. I have not researched the availability of the various CA's CPs but you can reference them under the CP attribute where you will find an Object Identifier(OID) that uniquely identifies that CA's certificate policy. Theoretically, you should be able to use that number to view the CP and decide whether or not to trust the CA.
    • Erm...
      Wasn't Thawte bought by Verisign [slashdot.org]?
      Sure, it has been challenged subsequently [slashdot.org], but still....
  • Shame... (Score:5, Insightful)

    by karot ( 26201 ) on Monday October 29, 2001 @06:50AM (#2492017)
    I think this is a real shame, and is probably originated by some badly informed member of Thawte-management.

    How do they plan on catering for the self-employed? What about small companies where the corporate and technical contacts are the same person? Why should an individual have any less right to certifying their code than a corporate?

    Of course it is up to Thawte who they sell their product to, but given the mind-set of people they are selling to (technical staff), this is not going to do them any favours.

    Generally Thawte are very forward thinking... Their "Web of Trust" model brings free X.509 email certificates to the masses by using a PGP-like trust model (extended through face-to-face authentication) on top of the CA signing model.
  • Did anyone other than me notice that this was for the "developers" cert - i.e. signing of programs (aka - the "Microsoft Authenticode")?

    Doesn't appear to have a damn thing to do with web browsers (SSL Certs). Besides, you can always do a "make certificate" in the OpenSSL directory and make a "self-signed" certificate anyhow. They work just as well as the CA signed certs and they cost a whole lot less.
  • by BlueWonder ( 130989 ) on Monday October 29, 2001 @06:52AM (#2492022)

    I my opinion, the concept of code signing is flawed. The user is tempted to think "this piece of code just loaded by my web browser is signed, so I can trust it."

    In fact, the signature only proves that the code really comes from a specific developer and has not been tampered with during transmission. It says absolutely nothing about the trustworthiness of the developer. So, as long as I don't know if I can trust the developer, the signature doesn't help.

    • Sure it does. You're right that the signing doesn't prove that it's trustworthy code, but it does serve some purpose in authentication. There are three steps to trusting a piece of code you download from the net:

      1) Verifying that the person who wrote it is really who you think they are.

      2) verifying that the code you're getting is really what they wrote.

      3) verifying that you actually trust this person.

      certs can help with #2. The other steps are left as an exercise for the reader.

      • The problem is that many people seem to think that code signing does all three for them. They don't realise that trust is not a technical, but a social concept, so no technical solution (like cryptography) can establish trust.

        In fact, it has happened to me more than once that someone was claiming "this is signed, so it cannot possibly do anything bad to my computer."

        • OTOH, if someone is willing to stand behind their code (code sign it), and we know who they are (code signing cert issued by trusted CA), then, if their code does malicious things, the likelyhood of being able to hunt them down and clobber them with a baseball bat is increased.

          Unsigned code gives you none of this.

    • No but the signature does identify the developer so you can at least deny code from people you don't know.

      How you personaly handle code you get from the net is your own problem, but without the cert. you have NO way of telling where the code came from
  • Get the story out! (Score:5, Insightful)

    by ajs ( 35943 ) <{moc.sja} {ta} {sja}> on Monday October 29, 2001 @06:57AM (#2492028) Homepage Journal
    We need to get the story out to the media that strong crypto has been available to the masses for a long time, and can never be taken away. We need it to be understood that cryptographers are trying to make the world a better place by making private transactions more convinient, but that they've always been possible.

    Here are some first thoughts, if you end up talking to the media:
    • The strongest form of cryptography was invented in the 19th century and does not require a computer (XOR against one-time-pad), though computers certainly make it faster.
    • Cryptography technology that is available for free to the general public is very sophisticated. Weakening the cryptography available to shoppers on the Internet will not prevent the best and strongest software being used by "bad guys".
    • Stunting the public's ability to encrypt will hurt everyone from dissedents in oppressive countries to Internet retail companies to international corporations.
    It's time to fight back in the war of words. Make this "Internet shopper" vs. "public ignorance". Make it "my credit card for sale". Public opinion is carried on sound bites, so let's get some!
    • The strongest form of cryptography was invented in the 19th century and does not require a computer (XOR against one-time-pad), though computers certainly make it faster.

      Wrong. The Vernam cipher was developed in the 20th century.

    • by nick2342 ( 323779 )
      The strongest form of cryptography was invented in the 19th century and does not require a computer (XOR against one-time-pad), though computers certainly make it faster

      To pick some nits, the One-Time Pad (OTP) cryptosystem has perfect secrecy. So in that sense, it's at least as strong as any other cryptosystem. However, it lacks features that are found in more sophisticated systems, such as protection from a known-plaintext attack or even authentication.

      Those facts, plus its requirement that a key the maximum length of a future message be sent ahead of time via secure channels, means that it is not necessarily the best cryptosystem.

      So saying that it's the strongest is true only in a limited sense. From the perspective of the public, they might prefer it if "terrorists" went back to hand-encoding/decoding messages, since investigative agencies have a better chance of breaking the key distribution than breaking some of the modern ciphers.

      • How does the OTP lack the feature of being protected from a known-plaintext attack?

        It is a requirement of the technique that the
        key is used ONCE only. If you know the plaintext and the ciphertext you can obviously work out the key, but it won't be any use to you because the key will never be used again...
    • by kipple ( 244681 ) on Monday October 29, 2001 @07:59AM (#2492108) Journal
      I'm throwing in some thoughts of things that can be done on a worldwide scale or at least independently from the country you live in:

      1. letters to newspapers. this can be the first, lowest-effort thing to do. the net is full of good examples of how crypto is good, first of all the writings of Phil Zimmermann, that could be at least inspiring. here's the link [mit.edu] and a quote:

      "You don't have to distrust the government to want to use cryptography. Your business can be wiretapped by business rivals, organized crime, or foreign governments. Several foreign governments, for example, admit to using their signals intelligence against companies from other countries to give their own corporations a competitive edge. Ironically, the United States government's restrictions on cryptography in the 1990's have weakened U.S. corporate defenses against foreign intelligence and organized crime."
      2. for those of you who have good capabilities/reputation, start spreading the word. Not only among your friends (no matter how commputer-illiterate they are, public opinion is independent from tech skills, unfortunately), but also at work.
      3. the main goal is to make the idea of 'banning crypto can make more damage to your business than give benefits to the country' reach the higher levels. letters to newspapers will perhaps lighten a few minds, but enlighten a CEO of a multinational or a big company will help things better. It may seem unreal, but if you think that anyone in the world is just seven hops away, why don't try it? Never underestimate the power of coffee-break gossiping.
      4. all the 'geeks' and technician all over the world have a great power over "regular user". When a techie or a sysadmin talks, everybody is listening. Make good use of it. Be responsible, and be clear. Make people think. 5. talk to newspaper writers, friends working for the media, whoever you think can spread the world.
      6. wait
      7. repeat
      8. listen to other ideas and possibly invite your "opponent" to post it somewhere, to publish it, basically don't treat who does not agree with you as a stupid.

      that's what I'm doing with my friends, parents, et cetera. I'm posting opinions on public forums in newspapers, and although I cannot see an immediate feedback, I'm positive about it.

      Just my .2Euros :)

      • make conferencies about that, give interviews, talk about it in any public place where the argument may be of some interest. Don't be shy, if you're there to listen to someone else opinion, so are all the people sitting near you - and it's your opinion that they may consider.

        ...any other idea?

    • Cryptography technology that is available for free to the general public is very sophisticated. Weakening the cryptography available to shoppers on the Internet will not prevent the best and strongest software being used by "bad guys".

      Who said anything about weakening cryptography? Thawte cannot weaken X.509. They only sell certificates. (or not)

      Stunting the public's ability to encrypt will hurt everyone from dissedents in oppressive countries to Internet retail companies to international corporations.

      Again, this is not what's happening here. Alarmist reactions will only serve to to add to the massive amount confusion surrounding crypto.

      This is about a corporation protecting it's assets, and, quite likely, reducing it's insurance payment. Thats all.

      I would like to see an Free Software authority, however.

    • The strongest form of cryptography was invented in the 19th century and does not require a computer (XOR against one-time-pad), though computers certainly make it faster.

      I don't know if it's a good idea to use that argument unless that mediacontact is totally clueless. The one-time-pad is in itself close to useless for most application, because of the logistic problem of sharing a common one-time-pad without third parties getting their hands on it. So unless you want to mail millions of one-time-pad CDs (or whatever) through a trusted mail service, this form of cryptography in itself won't help you a bit.
  • After all, no matter how well programmed or insightfully designed, every encryption system will eventually get broken by some 12 year old script kiddy. Look at SDMA. All that work, and it's useless.

    Right now, strong crypto is either a pipe dream or a false promise. It isn't worth getting upset over changes to crypto laws yet, because cryptography is still in its infancy, and has a long way to go before we can consider our data to be secure.
    • by gregor_b_dramkin ( 137110 ) on Monday October 29, 2001 @08:23AM (#2492152) Homepage
      Thanks for opening up your skull and letting us peek at the cavern inside. I normally wouldn't reply to flamebait such as yours, but I'll make an exception in this case to try to stem the flow of ignorance that pours from your keyboard.

      1)
      Script kiddies do not break ciphers. They do not find exploits. They do not reverse engineer systems. If they could do any of these things, they would not fall under the derogatory category, "script kiddie".

      2)
      Pick any of the following algorithms and break it: IDEA, 3DES, RSA, DH. I guarantee you will be famous, at least within security/cryptography circles. These are algorithms that have been scrutinized for decades by professors and professionals. I don't think a 12 year old could break these, except in a movie.

      3)
      SDMI (I assume this is what you mean by SDMA), was a copyright protection system not an encryption system. Anyone who believes they can create a secure, stand-alone, software copyright protection scheme is either ignorant or a genius. Given the ratio of ignorance to genius in the world, I know how I'll bet.

      4)
      The reason so many crypto systems are broken usually falls into one of two categories
      a) The developers think they can design a system just as strong as the professionals who have devoted their lives to making and breaking ciphers.
      b) The designers were forced to use limited strength crippto due to stupid crypto laws.

      Incidentally, the DVD CSS system was broken by the combination of government-mandated 40 bit key length, and a home-made algorithm that reduced the effective keylength to around 30 bits. This makes it possible for an attack to be completed in seconds. FWIW, a 40 bit key search takes 1024 times longer than a 30 bit key search.
      • Just to add to point 2:

        At the moment, the only evidence we have that asymmetric cryptography techniques is that it hasn't been compromised by 'better minds than mine'.
        However, that is not to say that it will always remain like this; it is possible that in the future we can prove mathematically that an algorithm is unbreakable (or at least only breakable by an exponential complexity brute force attack. Of course this relies on proving that P!=NP This trivial proof is left for the reader)

        This is directed at the post claiming that encryption will *always* be broken; one day we may have provably secure asymmetric encryption.

        Quantum computers counter my argument nicely as they don't care whether they are working on a problem in P or NP. As such I shall ignore them and hope they go away.
      • Doing 2) above would be a DMCA violation (because there is some intellectual "property" which is "protected" (restricted) by those ciphers.

        You could get 5 years per count.

        Sklyarov is facing a 25 year prison sentence (total of 5 years times 5 counts)

      • Pick any of the following algorithms and break it: IDEA, 3DES, RSA, DH. I guarantee you will be famous, at least within security/cryptography circles.

        All of the algroithms are 'broken' in one sense, that we know how to decode something encoded in it. However, it will take a lot of CPU cycles to do so.

  • Why do we need these bozos anyway? They got bought up by Verisign and both companies charge way too much for a certificate.

    Why not just have a non-profit organization that issues certificates to anyone that wants one for a nominal fee?

    • Thawte, and others, pay a tremendous amount of money to M$ to get their root-certs installed with the OS (and updates). A non-player (or non-payer, more appropriately) CA must ask users to install their CA root-certs themselves. Even this ability (installing a "non-trusted" root) is also being restricted in some of the newer MS platforms, from what I understand.
      • Comment removed based on user account deletion
        • I believe it was on Microsoft ME where we noticed this, but I got the report second-hand, and I dont have an installed copy to check it out.

          In any case, this is not about SSL certs. Only codesigning. (And they cost more, if I recall) Thawte is certainly within reason to discontinue certifying individual codesigners in this day and age...

        • [T]hat they have good crypto.

          Except you don't. There are oodles of SSL sites which only run 40 bits, which isn't good crypto.

      • Thawte, and others, pay a tremendous amount of money to M$ to get their root-certs installed with the OS

        This is no longer the case. Microsoft has changed their policy [microsoft.com] on this for the time being. CAs pay nothing...

        On the other hand, CAs must pass a WebTrust CA audit in order to get on the list. WebTrust audits are extremely expensive. Of course, they serve a useful purpose. They serve to give the end user some sense of confidence that the CA does due dilligence in determining that "you are who you say you are" before issuing a certificate. There is a very small group of companies that have passed WebTrust Audits... (according to WebTrust press releases, Verisign [verisign.com], Entrust [entrust.com], Digital Signature Trust [trustdst.com]).

        Setting up a non-profit to issue certs sounds like a nice idea, but isn't a realistic option when one must spend lots of money to audit ones practices to assure the public. The commercial CAs are even having troubles making money...

        Determining that "I am who I claim to be" really is a difficult task.

        • Setting up a non-profit to issue certs sounds like a nice idea,

          Yea, but who'd wanna run it? My PGP key got signed by USENIX years ago, but I doubt they do it anymore.

          Its a big hassle, being an issuer of trust. Even when your corporation is located in South Africa, it seems.

          I'd love to see FSF or one of the other big players try it, but everyone would still whine about the restricitions and policies, I bet. A CA by nature needs to make money to pay for it's insurance, otherwise no real corporation would trust it. But for Free Software, I'd probably trust FSF for my own machines.

        • Setting up a non-profit to issue certs sounds like a nice idea, but isn't a realistic option when one must spend lots of money to audit ones practices to assure the public. The commercial CAs are even having troubles making money...
          Hmmm... kind of makes me wish the government would take this over. Well, it makes me wish the government had taken it over -- if they did so now they'd no doubt put backdoors in.

          Still, the identifying-business seems like something government is reasonably good at doing. It's a naturally bureaucratic process, and private companies don't seem to be all that much better than governments at such things (except they are much more expensive).

      • Don't forget about the other type of CA - corporate (or educational) internal CAs. These CAs don't issue certs to the general public, they issue them to employees, students, whatever, so the individual can access corporate or school resources.

        This solves a *lot* of problems, since you can assume all authorized users have a valid cert. If someone is fired, leaves school, whatever, you can revoke their cert immediately. Some resources might not check the CRL, but others definitely will.

        But this, of course, requires installing your own cert. Oh, to be sure, you can outsource this operation to a commercial CA and be covered by their root cert. At a modest cost of something like $20-$100 per employee per year. (It's been a while since I checked the prices.) A lot of organizations won't mind that cost, but others will. It's not like this system is hard to maintain, once installed.
    • Why not just have a non-profit organization that issues certificates to anyone that wants one for a nominal fee?

      Well, you can generate your own certificate, it's straightforward enough. The issue is trust. When you (a shopper, say) go to a site secured by Verisign, you are in effect saying that you trust Verisign not to issue a certificate to anyone who isn't trustworthy. Of course, for most people, it's "I trust Netscape/Microsoft/Whoever, who trust Verisign, who trust this merchant". If you generate your own certificate, there is no "trusted third party" to confirm you are who you say you are. The reason certificates cost money is because for a certificate to be trustworthy, the issuer has to perform due-diligence checks (for example, company registration documents) to ensure that they are granting it to a legitimate organization.

      Logically, this could and perhaps should, be a function of Companies House (or the US equivalent), the body responsible for keeping track of company registrations, filing accounts and so forth. But any company with a strong enough brand (a hardware vendor, a major bank or law firm, a telco) could act as a trusted third party, so long as that TTP is itself trusted by the public. The only problem there is, how to get the browser vendors to distribute their certificates along with the browser.
      • This trust argument would make perfect sense, if Verisign et al were actually doing anything to check that you are who you say you are.

        But it wasn't that long ago that Verisign issued some certs in Microsoft's name to an unknown perpetrator. The bottom line is, Verisign runs a con game which exploits people's ignorance about the service really being provided, which is basically a cozy relationship with the biggest browser maker, i.e. Microsoft.

    • You want an SSL cert on the cheap? Go see the folks over at TuCows [tucows.com].

      That's about as cheap as it gets for an SSL cert from a CA with it's root cert in most browsers. [tucows.com]

      Disclaimer: I work for Entrust.

  • by Rogerborg ( 306625 ) on Monday October 29, 2001 @07:17AM (#2492051) Homepage

    Actually, I know that it was, because I wrote it for the Wipout [wipout.net] competition, which is spookily enough another /. story of the day.

    I wrote this story [wipout.net] in early September, pre-11th. It postulates a society where knowledge of crypto is so strongly controlled that... well, read the story [wipout.net].

    At the time that I wrote it, it was science fiction. It now looks like I was way too conservative, and events are already on the way towards overtaking my predictions. Hey ho.

    • At the time that I wrote it, it was science fiction. It now looks like I was way too conservative, and events are already on the way towards overtaking my predictions. Hey ho.

      One of my personal mottos has been for quite a while this:

      "Humans are by nature optimists. Try to think the absolute worst thing that other human beings could come up with. Wait a few years. Note how optimistic you really are."

  • Now that closed source companies are starting to really restrict what end users can do, and what they can see, and what licensing they will even give out to people, it'll be a lot easier for open source organizations to really shine.

    While everyone else is adding restrictions, we should be in a mad dash to catch up where the closed source versions are leaving off, increasing public acceptance of how convenient and useful open source products are compared to the rest of the software industry.

    CSS people are actually giving OSS people the opportunity to be BETTER, not just feature-equal! Yaaaay :)
  • by Metrol ( 147060 ) on Monday October 29, 2001 @07:26AM (#2492066) Homepage
    Now only real companies, like the MANY that bin Laden's network runs, can get encryption tools.
  • by imrdkl ( 302224 ) on Monday October 29, 2001 @07:30AM (#2492069) Homepage Journal
    For Thawte to decide not to trust individual developers for code-signing makes sense, right now. Code-signing authority is possibly the strongest authority that can be purchased from a public CA. And just because a bit of code is signed by a certificate issued by Thawte, doesn't mean that I'm gonna run it anyways. Otoh, Thawte continues to issue code-signing certs to a companies, which is the context from where most signed code is downloaded/installed and run.

    I really doubt that much signed code is distributed with authority from certificates issued to individuals. Chill out. They will lose some money, and I'm sure Thawte doesn't like that, but crypto is not going away.

    • This is not only about trust; it is about economics. Small development studios representing a single owner, or a partnership, produce a vast amount of software for the Internet. OpenSource development teams likewise have no corporate presence, and rely on the identities of individuals.

      This may sound like an innocuous move now, but consider the general direction of the intellectual property movement. The only way to truely secure digital content is to tie it to an identified user. That means hardware capable of decrypting content on the fly using a user-specific key. It is unreasonably difficult to reencrypt each piece of content for different hardware, so a license certificate is used to associate the content key securely with the user's identity.

      CPUs already exist to do this for secure computing applications, and its hardly improbably that Intel and/or MS have considered this as a route for development. Whether it is the hardware or the OS that enforces it doesn't matter awfully much: at some point a corporation is responsible for issuing a license certificate which will marshall the association between your software certificate and a user's identity certificate.

      In other words, someone has the power to determine if your software is allowed to run on their hardware, or not. By denying you a developer certificate, they can prevent your software from running.

      Right now that's not a reality. Unsigned code isn't prevented from running, it just causes a miriad of warning and threats which most users will back away from.

      So the moral of the story is be a big corporate, pay lots of money, and your product will be used. Otherwise you're sleeping in the sewer, my friend.

      Twylite

  • Thawte responds: (Score:5, Informative)

    by Domini ( 103836 ) on Monday October 29, 2001 @07:51AM (#2492096) Journal
    I e-mailed them and got this response from Jeanne Fourie:

    Dear Marius

    Thank you for emailing me with regard to your concern. Due to the current
    international threat of terrorism we have been advised by
    our parent company VeriSign to refrain from issuing developer certs to
    individuals, for the mean while.

    As you will be aware, there is a need right now for companies like ourselves to be
    extremely cautious in all aspects that concern
    security and encryption.

    Developer certs are issued to individuals based on verification of passports and
    drivers licenses. These documents are however easily
    forged and we have therefore had to take the executive decision of not issuing
    certs where the verification process may be
    questionable.

    We are positive that we will be able to resume this service in the near future. I
    do apologize for any inconvenience that this may have
    caused you.

    Regards

    Jeanne

    As can be seen it seems to be Verisign who requested this....

    Hmm...
    • What do you know? A canned response. I got the same reply.

      --

      From: Jeanne Fourie "jeannef@thawte.com"
      To: Michael E. C. Gauthier "gauthier@LICKDEEZNUTZ.mindless.com"
      Subject: Re: No longer be issued to individuals???
      Date: Mon, 29 Oct 2001 14:33:53 +0200
      X-Mailer: Mozilla 4.77 [en] (Windows NT 5.0; U)

      Hi Mike

      Thank you for emailing me with regard to your concern. Due to the
      current international threat of terrorism we have been advised by our
      parent company VeriSign to refrain from issuing developer certs to
      individuals, for the mean while.

      As you will be aware, there is a need right now for companies like
      ourselves to be extremely cautious in all aspects that concern security
      and encryption.

      Developer certs are issued to individuals based on verification of
      passports and drivers licenses. These documents are however easily
      forged and we have therefore had to take the executive decision of not
      issuing certs where the verification process may be questionable.

      We are positive that we will be able to resume this service in the near
      future. I do apologize for any inconvenience that this may have caused
      you.

      Regards

      Jeanne
      • On querying this, I got the following response:

        HI Marius

        I am sorry that my response seemed automated. I was more concerned with giving you a
        clear reason for the move.

        Nonetheless, thanks for bringing the discussion to my attention, I have tried to keep
        the wording as simple as possible on our web site, and am responding to queries as they
        arise.

        Thanks again!

        Jeanne


        So, it's not an automated response, but only a re-defined one for the genre of question.
        :)

        They have good PR at least.

        Me.
    • Developer certs are issued to individuals based on verification of passports and drivers licenses. These documents are however easily forged and we have therefore had to take the executive decision of not issuing certs where the verification process may be questionable.
      Interesting. What's next? Sorry sir, but you are not allowed to travel. You know, passport controls rely on pasports and these documents are easy to forge.

      If goverments and legal institutions trust these documents, for far more important things than software, why cannot they?

      Marko.
    • Okay. So... they finally realize that driver's licenses are a bad thing to base identity off of, we know this already. The DMV is primarily concerned with pulling speeders over, not necessarily with identifying people well enough for financial transactions, etc...

      But I don't see what terrorism has to do with that. As mentioned, terrorists are unlikely to use signed web server certs to do much in the way of loss of life. And the unreliability of driver's licenses won't go away if/when the terrorist threat does.

      So why even bring up terrorism?

      • So... they finally realize that driver's licenses are a bad thing to base identity off of, we know this already. The DMV is primarily concerned with pulling speeders over, not necessarily with identifying people well enough for financial transactions, etc...

        Pity various "authorities", including the state governments of various US states have yet to catch on to. Let alone such utter daftness as making these the prefered ID for purchase of intoxicants.

        But I don't see what terrorism has to do with that.

        Very little, but the people making the decisions just arn't clued up on the subject.

        As mentioned, terrorists are unlikely to use signed web server certs to do much in the way of loss of life.

        Even assuming a terrorist organisation were to set up an https website they'd probably prefer a cetificate signed by someone they trusted.
    • Hmmm ... I must be missing something. Thawte does not require developers to present their passport or drivers' license in person. They get the details and check with the records of the appropriate authority; there is no physical interview, no cross-check that you aren't quoting someone elses details. If you have their name and numbers, you can masquerade as them.

      Companies? Pah. Give me R250 and I can buy a close corporation with a name, registration and CK number (this is in South Africa, btw). It doesn't take a genius to get a corp. certificate from there. If you have the $200 for the certificate, it shouldn't be stretching finances to find the additional $30 for the corp.

      Oh ... there's still no-one who is going to check that the company represents the people it claims to...

  • by GC ( 19160 )
    Am I right in thinking that this has no bearing on users actually using certificates as anyone can create certificates with Openssl on a i386.

    So all they are doing is removing the convienience of the extra dialog box that the certificate was not from a trusted source.

    I don't get the paying money for Certificates in the first place...
  • so now verisign can take more from the individual.. once verisign bought thawte, they wanted to raise the prices.. but couldn't.. this is a way that they can.
  • Recently, thawte has also decided to change the way they issue wildcard certificates. What used to be a great way to use one certificate for all hosts on the same domain, has now become just a way to do mass certificate licensing. They are charging people a fee for each host that they use the wildcard ceritificate on, although I don't see how this could work. The price per host gets lower as you buy more licenses. But still. Come on!!

    I just hope that when the company I work for goes to renew their wildcard certificate that they don't try to switch us to the new wildcarding system.
  • by KlomDark ( 6370 ) on Monday October 29, 2001 @08:45AM (#2492189) Homepage Journal
    It's amazingly easy. Get OpenSSL, install it...

    Make your homebrew CA private key:

    openssl genrsa -des3 -out ca.key 1024

    Create your CA self-signed public key:

    openssl req -new -x509 -days 365 -key ca.key -out ca.crt

    OK, you're set up as a homebrew Certificate Authority (CA) and ready to start signing your own home-brew certs:

    First, create a homebrew private key:

    openssl genrsa -des3 -out server.key 1024

    Create the unsigned public key (AKA certificate signing request) At one point in the process, it asks for "Your Name" - if this is for personal identification, then put in your name. However, if this is for a development web server, then put in the web site address "dev.www.wherever.com" when it asks for "Your Name"

    openssl req -new -key server.key -out server.csr

    Get the sign.sh script from the Apache mod_ssl distribution, use this to sign the certificate:

    ./sign.sh server.csr

    There you go, you now have the private (server.key) and public (server.crt) keys. Install them on your webserver.

    They will work, but your browser will whine about them being signed by an untrusted source. No problem there, give a copy of CA.crt (NOT CA.key!!) to any developers using your web server and have them install it on their machine, from then on, their browser will consider any certs signed by your homebrew CA key to be valid. To install the cert on IE browsers, a hint: you do not use your browser to do it, even though there is an "Install Cert" button on the window that pops up to let you know that the cert is signed by an unknown CA. Instead, you give them CA.crt, have them save it to their hard drive, then open up Windows Explorer, right click on CA.crt, and pick Install Cert from the menu, a Certificate Wizard will pop up, go with the defaults, then your machine will trust the homebrew certs.

    The root certificate game has always been just a money scam, especially for dev certs.

    • And yes, you can sign your code with these too, but then you have to distribute ca.crt to people who will be using it, somewhat of a pain. In a small-scale type of thing, not a problem. Make it part of your installer.
      • by Vapula ( 14703 ) on Monday October 29, 2001 @09:27AM (#2492337)
        Distributing a CA cert under Netscape is very easy.

        You just have to use the little CGI that follows...

        #!/usr/bin/perl -Tw use strict; $|++; open(FP, "); close(FP); my $len = length($cert); print "Content-type: application/x-x509-ca-cert\r\n"; print "Content-length: $len\r\n"; print "\r\n"; print $cert;

        A link to that CGI with the mention "install the certificate into my Netscape" and you're done. (I don't know if it works with MSIE... I never use it !!!)

    • You can hit my pages with http or https. If you do the https version with Netscape, you get a happy little dialog telling you Netscape doesn't know who signed the page. Fortunately the dialog box defaults to "Trust for this session only" as it's pretty well certain that most users, conditioned to hit "OK" when a dialog box pops up, will do so. I make a note that you really shouldn't trust my certificate permanently on my page.
      • I've always thought that it was a little strange to have both public key encryption and identification built into the same thing.

        In some situations, you just want your data encrypted as it goes across the net. I'd think there should be two separate things, one for enabling encryption, the other for identifying the other party.

        But then again, typically if you are actually going to go to the "trouble" of encrypting your data, you probably want to make sure of who is receiving that data.

        But, the current CA scheme really leaves a lot to be desired, I certainly don't feel a lot of trust just because something is signed by Verisign, ever work with those people??

        • I don't really care who I'm sending my stuff to usually. I just want them to be sure they know it's from me.

          You can build a reputation around your identity, and insure that no one would be able to tear that down using the authentication aspects of the encryption. I think in the long run, the authentication aspects will be more important than the data hiding aspects.

    • Developer certs are for signing code, not web sites. If you download (e.g.) a service pack from Microsoft and click "Properties" on the file, you'll see a tab that says "Digital Certificates". The cert that signs those things is a developer cert. The tools used for creating and signing the files are totally different from what's used for SSL certs. You could in principle generate the certs with OpenSSL, but the method you proposed won't work (you need special identifiers in the certs).

      What developer certs let you down is put ActiveX controls on your web pages that the user can download without going through a scary dialog saying "the browser can't tell who created this file". You do get a dialog saying "This file was created by so-and-so, click 'yes' if you trust them" but that dialog is designed to not be scary, and encourage the user to download whatever crap is about to take over his computer.

      There are also developer certs for signed objects in Netscape browsers, but not too many people care about those any more. :(

      • So Verisign, Thwate, and the other CAs, are deciding not just who is who, but who's code I should allow to run on my computer without a dialog? The sad part about all this is that so many people have blind trust in the system. If a cert was issued to someone, they must have good intentions, right? The problem is too many people assume this. The "scary dialog" should always be present for the first time for every identity. Once the user states his trust in that certificate, then no more "scary dialog" for that one until it expires, unless it is re-issued with the same identity (what is stored in the user trust DB is the identity itself).

        • The development cert never lets you download code with no dialog. Under IE, you get a scary dialog with no verifiable cert. With a verifiable cert you get a non-scary dialog with a check box saying to not ask again next time code comes from this developer. Under Netscape, there are also two dialogs that function the same way, but both use scary wording.

          To say the wording should always be scary (i.e. that Netscape did the right thing) is right from a security standpoint, wrong from a user acceptance standpoint. We know perfectly well by now which side Microsoft is on. From a developer's point of view the Netscape approach is a pain in the neck because you have to put in an extra screen telling the user to click "yes" to permit the download (but if you tell them to click yes, then they do so, which means the scary words don't really add security).


  • To become a registered company in Germany, you need to get a license. In the smallest case, that's going to cost you all of 15 DM ($7.50).

    What a stupid and useless move at the side of Thawte...

  • Code signing certs are for validting signatures. They re not and in fact cnnot be used for encryption - unless the SSL stack is broken.

    The only use for a code signing certificate is to tell a user that a piece of code is safe to use.

  • Well, not a lot of people/companies anyway.
    Half the time I try to download an application/plugin I get the message 'this code was not signed'. This happens so often that the average user will simply click 'run anyway'.

    This will only affect companies that have actually taken the time to set the system security policy to 'never run unsigned software'. Which nobody on this planet has done, because all the really useful software has not been signed. *sigh*

    Code signing is rather useless anyway, it's a good concept. However, the certificate issuers only certify that a company writes software (which you knew anyway, you just downloaded a piece of their work), they do *explicitly* not certify 'this is software written by a company that will not copy all files from your harddrive and publish them on IRC'.

    In it's current implementation it makes software somewhat tamper proof. Which is nice...
  • So Thawte now thinks their verification process is flawed. So they're not revising their verification process, or revoking their existing certificates (which they presumably issued based on their flawed process). And it's not like someone planning to do something with a developer certificate would wait until the last minute to actually get the certificate.

    In any case, PKI is inherently broken in a number of ways, including that the signer doesn't specify what about the key is being certified. So there's no way for Thawte to certify that they checked a passport and you look like the photo. There's no way for them to say, "This person is who he says he is, unless he accidentally emailed his private key to a total stranger or duped the Portugese passport authority."
  • Won't help anything (Score:2, Interesting)

    by Norny ( 9940 )
    The whole decision is silly. All thawte is doing is loosing business. If a terrorist wants to encrypt a webpage, it's easier and faster to just set up OpenSSL/mod_ssl and sign your own cert.

    If the visitor is another terrorist looking to download encrypted content, all he has to do is click OK to the browser box that says it's not trusted and then the encrypted stream of content will begin.

    All thawte is doing is removing the part where the cert is trusted. I doubt a terrorist would care.
  • You're missing the point. This isn't about web site certificates. It's about code-signing certificates.

    This is related to Microsoft's concept of blaming others for security problems. Since they demonstrably can't make their OS secure, and chose a fundamentally insecure technology (Active-X) for their browser, their answer is to require that all code run on their systems be signed by somebody who can be blamed for problems. Microsoft may also use this to obstruct free software from running on Microsoft boxes. Remember that Windows XP can be configured to run signed code only.


  • Re: http://www.thawte.com/getinfo/products/devel/conte nts.html [thawte.com] ("Due to
    current world circumstances developer certificates can no longer be issued
    to individuals.")

    Have you guys given any thought to how much of the current IT world was
    built by self-employed individuals? How is a single-person development
    shop -- even one such as my own that's been in business since 1991 --
    supposed to deploy browser-based software that requires security
    certification, if a monopolistic company such as yours is allowed to
    maintain arbitrary discriminatory policies such as this one?

    Finally, how in the _world_ do you expect this policy to have any impact on
    terrorists who have absolutely no historical record of abusing this type of
    technology? Every time a corporation or government exhibits a
    poorly-thought-out knee-jerk reaction such as yours to the events of
    September 11, the score on the bad guys' side of the board jumps up a tick.

    Given the rate of consolidation in the IT infrastructure world, in a few
    years, Thawte/VeriSign will be the only game in town. Any suggestions as to
    what steps I and similar lone-wolf developers can take when that happens?

When you are working hard, get up and retch every so often.

Working...