Nat! bio photo

Nat!

Senior Mull.

Twitter RSS

Github

Lenovo Superfish: Why do I trust any of those root certificates ?

My father has a Lenovo desktop, so I had to check, if he had one of those fake Superfish certificates. He thankfully had not. But that got me to thinking about what I am doing with certificates.

DISCLAIMER: I am no cryptography expert, these are just a bunch of thoughts on the topic.

Who am I trusting ?

Currently when I try to figure out if the online banking server, I am logging into, is really the server I want and not proxied by some interested server in - say - St. Petersburg or Maryland, I look at the information in the address bar - f.e. the Site Identity Button in Firefox - for a green certificate.

Alas my bank is apparently too cheap to have the green certificate.

When I view the trustchain of the served certificate it looks like this

Safari Trust Chain

OK, I know and trust somewhat the GLS bank. I can only hope that noone grabbed the gls-online-filiale.de domain, maybe because GLS let it accidentally expire or someone poisoned the DNS. I can't be sure though, because the gray certificate isn't strong enough.

But even then, further up the chain, I now have to trust VR IDENT SSL CA 2011. Who is that ? Is that the nigerian office of Baltimore CyberTrust ? On top of the chain is Baltimore CyberTrust, do I trust them, do I even know them ? Where does Baltimore CyberTrust even come from ?

Should I trust, the trustee, of the trustee, of the trustee ? If I weigh my confidence with each trustee as 0.95 just because I haven't heard anything bad about them. That's 0.95 * 0.95 * 0.95 * 0.95 = 0.81. Do I gamble my retirement on those odds ? Maybe bad news about VR IDENT SSL CA 2011 are just a day away ?

Incomplete trust chain

On OS X each computer comes preloaded with a long list of root certificates. These certificates are just there. Where did they come from, who installed them ? I can only deduce and assume but not know looking at a certificate.

These are mine on 10.9 and Baltimore CyberTrust is in there:

A-Trust-nQual-03
AAA Certificate Services
AC Raíz Certicámara S.A.
AOL Time Warner Root Certification Authority 1
AOL Time Warner Root Certification Authority 2
Actalis Authentication Root CA
AddTrust Class 1 CA Root
AddTrust External CA Root
AddTrust Public CA Root
AddTrust Qualified CA Root
Admin-Root-CA
AdminCA-CD-T01
AffirmTrust Commercial
AffirmTrust Networking
AffirmTrust Premium ECC
AffirmTrust Premium
America Online Root Certification Authority 1
America Online Root Certification Authority 2
Apple Root CA - G2
Apple Root CA - G3
Apple Root CA
Apple Root Certificate Authority
Application CA G2
ApplicationCA
ApplicationCA2 Root
Autoridad de Certificacion Firmaprofesional CIF A62634068
Autoridad de Certificacion Raiz del Estado Venezolano

Baltimore CyberTrust Root

Belgium Root CA2
Buypass Class 2 CA 1
Buypass Class 2 Root CA
Buypass Class 3 CA 1
Buypass Class 3 Root CA
CA Disig Root R1
CA Disig Root R2
CA Disig
CNNIC ROOT
COMODO Certification Authority
Certigna
Certinomis - Autorité Racine
Certinomis - Root CA
Certum CA
Certum Trusted Network CA 2
Certum Trusted Network CA
Chambers of Commerce Root - 2008
Chambers of Commerce Root
China Internet Network Information Center EV Certificates Root
Cisco Root CA 2048
Class 1 Public Primary Certification Authority - G2
Class 1 Public Primary Certification Authority 1
Class 1 Public Primary Certification Authority
Class 2 Primary CA
Class 2 Public Primary Certification Authority - G2
Class 2 Public Primary Certification Authority 1
Class 2 Public Primary Certification Authority
Class 3 Public Primary Certification Authority - G2
Class 3 Public Primary Certification Authority 1
Class 3 Public Primary Certification Authority
Class 4 Public Primary Certification Authority - G2
ComSign CA
ComSign Global Root CA
ComSign Secured CA
Common Policy
D-TRUST Root Class 3 CA 2 2009
D-TRUST Root Class 3 CA 2 EV 2009
DST ACES CA X6
DST Root CA X3
DST Root CA X4
Deutsche Telekom Root CA 2
Developer ID Certification Authority
DigiCert Assured ID Root CA
DigiCert Assured ID Root G2
DigiCert Assured ID Root G3
DigiCert Global Root CA
DigiCert Global Root G2
DigiCert Global Root G3
DigiCert High Assurance EV Root CA
DigiCert Trusted Root G4
DoD CLASS 3 Root CA
DoD Root CA 2
E-Tugra Certification Authority
EBG Elektronik Sertifika Hizmet Sağlayıcısı
ECA Root CA
EE Certification Centre Root CA
Echoworx Root CA2
Entrust Root Certification Authority - EC1
Entrust Root Certification Authority - G2
Entrust Root Certification Authority
Entrust.net Certification Authority (2048) 1
Entrust.net Certification Authority (2048)
Entrust.net Secure Server Certification Authority
Equifax Secure Certificate Authority
Equifax Secure Global eBusiness CA-1
Equifax Secure eBusiness CA-1
Equifax Secure eBusiness CA-2
Federal Common Policy CA
GTE CyberTrust Global Root
GeoTrust Global CA
GeoTrust Primary Certification Authority - G2
GeoTrust Primary Certification Authority - G3
GeoTrust Primary Certification Authority
Global Chambersign Root - 2008
Global Chambersign Root
GlobalSign 1
GlobalSign 2
GlobalSign 3
GlobalSign Root CA
GlobalSign
Go Daddy Class 2 Certification Authority
Go Daddy Root Certificate Authority - G2
Government Root Certification Authority
Hellenic Academic and Research Institutions RootCA 2011
Hongkong Post Root CA 1
I.CA - Qualified Certification Authority, 09_2009
Izenpe.com 1
Izenpe.com 2
Izenpe.com
Juur-SK
KISA RootCA 1
KMD-CA Kvalifet Person
KMD-CA Server
Microsec e-Szigno Root CA 2009
NetLock Arany (Class Gold) Főtanúsítvány
NetLock Expressz (Class C) Tanusitvanykiado
NetLock Kozjegyzoi (Class A) Tanusitvanykiado
NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
NetLock Uzleti (Class B) Tanusitvanykiado
Network Solutions Certificate Authority
OISTE WISeKey Global Root GA CA
QuoVadis Root CA 2
QuoVadis Root CA 3
QuoVadis Root Certification Authority
RSA Security 2048 V3
SZAFIR ROOT CA
Secure Certificate Services
Secure Global CA
SecureSign RootCA11
SecureTrust CA
Security Communication EV RootCA1
Security Communication RootCA1
Security Communication RootCA2
Sonera Class1 CA
Sonera Class2 CA
Staat der Nederlanden EV Root CA
Staat der Nederlanden Root CA - G2
Staat der Nederlanden Root CA
Starfield Class 2 Certification Authority
Starfield Root Certificate Authority - G2
Starfield Services Root Certificate Authority - G2
StartCom Certification Authority 1
StartCom Certification Authority G2
StartCom Certification Authority
SwissSign CA (RSA IK May 6 1999 18:00:58)
SwissSign Gold CA - G2
SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Swisscom Root CA 1
Swisscom Root CA 2
Swisscom Root EV CA 2
Symantec Class 1 Public Primary Certification Authority - G4
Symantec Class 1 Public Primary Certification Authority - G6
Symantec Class 2 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G6
Symantec Class 3 Public Primary Certification Authority - G4
Symantec Class 3 Public Primary Certification Authority - G6
T-TeleSec GlobalRoot Class 2
T-TeleSec GlobalRoot Class 3
TC TrustCenter Class 2 CA II
TC TrustCenter Class 3 CA II
TC TrustCenter Class 4 CA II
TC TrustCenter Universal CA I
TC TrustCenter Universal CA II
TC TrustCenter Universal CA III
TDC Internet Root CA
TDC OCES CA
TRUST2408 OCES Primary CA
TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3
TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı 1
TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı 2
TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı
TWCA Global Root CA
TWCA Root Certification Authority
TeliaSonera Root CA v1
Thawte Personal Basic CA 1
Thawte Personal Basic CA
Thawte Personal Freemail CA 1
Thawte Personal Freemail CA
Thawte Personal Premium CA 1
Thawte Personal Premium CA
Thawte Premium Server CA 1
Thawte Premium Server CA
Thawte Server CA 1
Thawte Server CA
Thawte Timestamping CA
Trusted Certificate Services
Trustis FPS Root CA
UCA Global Root
UCA Root
UTN - DATACorp SGC
UTN-USERFirst-Client Authentication and Email
UTN-USERFirst-Hardware
UTN-USERFirst-Network Applications
UTN-USERFirst-Object
VAS Latvijas Pasts SSI(RCA)
VRK Gov. Root CA
VeriSign Class 1 Public Primary Certification Authority - G3
VeriSign Class 2 Public Primary Certification Authority - G3
VeriSign Class 3 Public Primary Certification Authority - G3
VeriSign Class 3 Public Primary Certification Authority - G4
VeriSign Class 3 Public Primary Certification Authority - G5
VeriSign Class 4 Public Primary Certification Authority - G3
VeriSign Universal Root Certification Authority
Visa Information Delivery Root CA
Visa eCommerce Root
WellsSecure Public Root Certificate Authority
XRamp Global Certification Authority
certSIGN ROOT CA
ePKI Root Certification Authority
http:__www.valt.com_ 1
http:__www.valt.com_ 2
http:__www.valt.com_
thawte Primary Root CA - G2
thawte Primary Root CA - G3
thawte Primary Root CA

I can disclose, that I have heard of thawte, VeriSign, DigiCert as root CAs. I didn't know that they had CAs but probably would trust: Staat der Nederlanden, Apple, Deutsche Telekom or VISA.

Do I personally trust Microsec e-Szigno Root CA 2009 for example ? Do I know who that is, where that person or organization is located and if that isn't a private company that was just maybe recently sold to a profitable enterprise in Râmnicu Vâlcea ?

Actually the one trusting these roots is Apple. But the Apple CA is not in the trust chain and that in my opinion is wrong. Maybe it's technically impossible or their army-of-lawyers is against it [^1], but it doesn't represent the trust chain.

So IMO there should be a vendor/machine CA.

Imported Roots

Assume I import the CA root certificate for mulle-kybernetik.com. This is obviously not trusted by Apple, so the one trusting it is myself. There should be a way to record, that I personally trusted that certificate (and when) and that it hasn't been hacked in by some backdoor.

I would need a personal CA for myself on that machine, where I would sign all incoming certificates (with my password or whatever). I also believe that in the end I should be signing the vendor/machine CA. That would be during the installation of the operating system or the first login.

What I expect to see

So in the end all certificates chains should look like this

Nat! -> Apple -> Baltimore CyberTrust -> ... -> GLS

If I click on Nat! I want a way to easily verify, that it is indeed my certificate. Maybe I should get asked for my personal CA password or get an image displayed, maybe of my signature, that I set during CA creation. I want to easily verify, that 'Nat!' was really issued by me and that the rest is at least reasonably trustworthy.

Does that help against Superfish ? No.

[^1]: Do you know that 3/4 of the new spaceship headquartes are dedicated to legal ? Neither do I :)


1 Comment

A photo of emy

From: emy

i agree with you. i am also confused and concerned and wonder why there are no answers to your question.

Post a comment

All comments are held for moderation; basic HTML formatting accepted.

Name:
E-mail: (not published)
Website: