Lenovo Superfish: Why do I trust any of those root certificates ?
My father has a Lenovo desktop, so I had to check, if he had one of those fake Superfish certificates. He thankfully had not. But that got me to thinking about what I am doing with certificates.
DISCLAIMER: I am no cryptography expert, these are just a bunch of thoughts on the topic.
Who am I trusting ?
Currently when I try to figure out if the online banking server, I am logging into, is really the server I want and not proxied by some interested server in - say - St. Petersburg or Maryland, I look at the information in the address bar - f.e. the Site Identity Button in Firefox - for a green certificate.
Alas my bank is apparently too cheap to have the green certificate.
When I view the trustchain of the served certificate it looks like this
OK, I know and trust somewhat the GLS bank. I can only hope that noone grabbed the
gls-online-filiale.de domain, maybe because GLS let it accidentally expire or someone poisoned the DNS. I can't be sure though, because the gray certificate isn't strong enough.
But even then, further up the chain, I now have to trust VR IDENT SSL CA 2011. Who is that ? Is that the nigerian office of Baltimore CyberTrust ? On top of the chain is Baltimore CyberTrust, do I trust them, do I even know them ? Where does Baltimore CyberTrust even come from ?
Should I trust, the trustee, of the trustee, of the trustee ? If I weigh my confidence with each trustee as 0.95 just because I haven't heard anything bad about them. That's 0.95 * 0.95 * 0.95 * 0.95 = 0.81. Do I gamble my retirement on those odds ? Maybe bad news about VR IDENT SSL CA 2011 are just a day away ?
Incomplete trust chain
On OS X each computer comes preloaded with a long list of root certificates. These certificates are just there. Where did they come from, who installed them ? I can only deduce and assume but not know looking at a certificate.
These are mine on 10.9 and Baltimore CyberTrust is in there:
A-Trust-nQual-03 AAA Certificate Services AC Raíz Certicámara S.A. AOL Time Warner Root Certification Authority 1 AOL Time Warner Root Certification Authority 2 Actalis Authentication Root CA AddTrust Class 1 CA Root AddTrust External CA Root AddTrust Public CA Root AddTrust Qualified CA Root Admin-Root-CA AdminCA-CD-T01 AffirmTrust Commercial AffirmTrust Networking AffirmTrust Premium ECC AffirmTrust Premium America Online Root Certification Authority 1 America Online Root Certification Authority 2 Apple Root CA - G2 Apple Root CA - G3 Apple Root CA Apple Root Certificate Authority Application CA G2 ApplicationCA ApplicationCA2 Root Autoridad de Certificacion Firmaprofesional CIF A62634068 Autoridad de Certificacion Raiz del Estado Venezolano Baltimore CyberTrust Root Belgium Root CA2 Buypass Class 2 CA 1 Buypass Class 2 Root CA Buypass Class 3 CA 1 Buypass Class 3 Root CA CA Disig Root R1 CA Disig Root R2 CA Disig CNNIC ROOT COMODO Certification Authority Certigna Certinomis - Autorité Racine Certinomis - Root CA Certum CA Certum Trusted Network CA 2 Certum Trusted Network CA Chambers of Commerce Root - 2008 Chambers of Commerce Root China Internet Network Information Center EV Certificates Root Cisco Root CA 2048 Class 1 Public Primary Certification Authority - G2 Class 1 Public Primary Certification Authority 1 Class 1 Public Primary Certification Authority Class 2 Primary CA Class 2 Public Primary Certification Authority - G2 Class 2 Public Primary Certification Authority 1 Class 2 Public Primary Certification Authority Class 3 Public Primary Certification Authority - G2 Class 3 Public Primary Certification Authority 1 Class 3 Public Primary Certification Authority Class 4 Public Primary Certification Authority - G2 ComSign CA ComSign Global Root CA ComSign Secured CA Common Policy D-TRUST Root Class 3 CA 2 2009 D-TRUST Root Class 3 CA 2 EV 2009 DST ACES CA X6 DST Root CA X3 DST Root CA X4 Deutsche Telekom Root CA 2 Developer ID Certification Authority DigiCert Assured ID Root CA DigiCert Assured ID Root G2 DigiCert Assured ID Root G3 DigiCert Global Root CA DigiCert Global Root G2 DigiCert Global Root G3 DigiCert High Assurance EV Root CA DigiCert Trusted Root G4 DoD CLASS 3 Root CA DoD Root CA 2 E-Tugra Certification Authority EBG Elektronik Sertifika Hizmet Sağlayıcısı ECA Root CA EE Certification Centre Root CA Echoworx Root CA2 Entrust Root Certification Authority - EC1 Entrust Root Certification Authority - G2 Entrust Root Certification Authority Entrust.net Certification Authority (2048) 1 Entrust.net Certification Authority (2048) Entrust.net Secure Server Certification Authority Equifax Secure Certificate Authority Equifax Secure Global eBusiness CA-1 Equifax Secure eBusiness CA-1 Equifax Secure eBusiness CA-2 Federal Common Policy CA GTE CyberTrust Global Root GeoTrust Global CA GeoTrust Primary Certification Authority - G2 GeoTrust Primary Certification Authority - G3 GeoTrust Primary Certification Authority Global Chambersign Root - 2008 Global Chambersign Root GlobalSign 1 GlobalSign 2 GlobalSign 3 GlobalSign Root CA GlobalSign Go Daddy Class 2 Certification Authority Go Daddy Root Certificate Authority - G2 Government Root Certification Authority Hellenic Academic and Research Institutions RootCA 2011 Hongkong Post Root CA 1 I.CA - Qualified Certification Authority, 09_2009 Izenpe.com 1 Izenpe.com 2 Izenpe.com Juur-SK KISA RootCA 1 KMD-CA Kvalifet Person KMD-CA Server Microsec e-Szigno Root CA 2009 NetLock Arany (Class Gold) Főtanúsítvány NetLock Expressz (Class C) Tanusitvanykiado NetLock Kozjegyzoi (Class A) Tanusitvanykiado NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado NetLock Uzleti (Class B) Tanusitvanykiado Network Solutions Certificate Authority OISTE WISeKey Global Root GA CA QuoVadis Root CA 2 QuoVadis Root CA 3 QuoVadis Root Certification Authority RSA Security 2048 V3 SZAFIR ROOT CA Secure Certificate Services Secure Global CA SecureSign RootCA11 SecureTrust CA Security Communication EV RootCA1 Security Communication RootCA1 Security Communication RootCA2 Sonera Class1 CA Sonera Class2 CA Staat der Nederlanden EV Root CA Staat der Nederlanden Root CA - G2 Staat der Nederlanden Root CA Starfield Class 2 Certification Authority Starfield Root Certificate Authority - G2 Starfield Services Root Certificate Authority - G2 StartCom Certification Authority 1 StartCom Certification Authority G2 StartCom Certification Authority SwissSign CA (RSA IK May 6 1999 18:00:58) SwissSign Gold CA - G2 SwissSign Platinum CA - G2 SwissSign Silver CA - G2 Swisscom Root CA 1 Swisscom Root CA 2 Swisscom Root EV CA 2 Symantec Class 1 Public Primary Certification Authority - G4 Symantec Class 1 Public Primary Certification Authority - G6 Symantec Class 2 Public Primary Certification Authority - G4 Symantec Class 2 Public Primary Certification Authority - G6 Symantec Class 3 Public Primary Certification Authority - G4 Symantec Class 3 Public Primary Certification Authority - G6 T-TeleSec GlobalRoot Class 2 T-TeleSec GlobalRoot Class 3 TC TrustCenter Class 2 CA II TC TrustCenter Class 3 CA II TC TrustCenter Class 4 CA II TC TrustCenter Universal CA I TC TrustCenter Universal CA II TC TrustCenter Universal CA III TDC Internet Root CA TDC OCES CA TRUST2408 OCES Primary CA TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3 TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı 1 TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı 2 TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı TWCA Global Root CA TWCA Root Certification Authority TeliaSonera Root CA v1 Thawte Personal Basic CA 1 Thawte Personal Basic CA Thawte Personal Freemail CA 1 Thawte Personal Freemail CA Thawte Personal Premium CA 1 Thawte Personal Premium CA Thawte Premium Server CA 1 Thawte Premium Server CA Thawte Server CA 1 Thawte Server CA Thawte Timestamping CA Trusted Certificate Services Trustis FPS Root CA UCA Global Root UCA Root UTN - DATACorp SGC UTN-USERFirst-Client Authentication and Email UTN-USERFirst-Hardware UTN-USERFirst-Network Applications UTN-USERFirst-Object VAS Latvijas Pasts SSI(RCA) VRK Gov. Root CA VeriSign Class 1 Public Primary Certification Authority - G3 VeriSign Class 2 Public Primary Certification Authority - G3 VeriSign Class 3 Public Primary Certification Authority - G3 VeriSign Class 3 Public Primary Certification Authority - G4 VeriSign Class 3 Public Primary Certification Authority - G5 VeriSign Class 4 Public Primary Certification Authority - G3 VeriSign Universal Root Certification Authority Visa Information Delivery Root CA Visa eCommerce Root WellsSecure Public Root Certificate Authority XRamp Global Certification Authority certSIGN ROOT CA ePKI Root Certification Authority http:__www.valt.com_ 1 http:__www.valt.com_ 2 http:__www.valt.com_ thawte Primary Root CA - G2 thawte Primary Root CA - G3 thawte Primary Root CA
I can disclose, that I have heard of thawte, VeriSign, DigiCert as root CAs. I didn't know that they had CAs but probably would trust: Staat der Nederlanden, Apple, Deutsche Telekom or VISA.
Do I personally trust Microsec e-Szigno Root CA 2009 for example ? Do I know who that is, where that person or organization is located and if that isn't a private company that was just maybe recently sold to a profitable enterprise in Râmnicu Vâlcea ?
Actually the one trusting these roots is Apple. But the Apple CA is not in the trust chain and that in my opinion is wrong. Maybe it's technically impossible or their army-of-lawyers is against it [^1], but it doesn't represent the trust chain.
So IMO there should be a vendor/machine CA.
Assume I import the CA root certificate for
mulle-kybernetik.com. This is obviously not trusted by Apple, so the one trusting it is myself. There should be a way to record, that I personally trusted that certificate (and when) and that it hasn't been hacked in by some backdoor.
I would need a personal CA for myself on that machine, where I would sign all incoming certificates (with my password or whatever). I also believe that in the end I should be signing the vendor/machine CA. That would be during the installation of the operating system or the first login.
What I expect to see
So in the end all certificates chains should look like this
Nat! -> Apple -> Baltimore CyberTrust -> ... -> GLS
If I click on Nat! I want a way to easily verify, that it is indeed my certificate. Maybe I should get asked for my personal CA password or get an image displayed, maybe of my signature, that I set during CA creation. I want to easily verify, that 'Nat!' was really issued by me and that the rest is at least reasonably trustworthy.
Does that help against Superfish ? No.
[^1]: Do you know that 3/4 of the new spaceship headquartes are dedicated to legal ? Neither do I :)