Fraudsters Can Easily Buy SSL Certificates + How to get certificates for domains you don't own?
"The industry-accepted standard for confirming someone is who they say they are and that they control a domain is that 'the CA takes reasonable measures to verify,' which is very ambiguous at best and meaningless at worst," wrote world-renowned security expert Kurt Seifried in an article on SSL security keys published in the May 2010 issue of Linux Magazine.
Two university researchers discovered at a recent security conference that security companies often deal with governments that can compel certificate authorities to produce SSL security keys for them, which Betanews reported last week. Those keys can then be used to sign certificates as any other Web site, enabling a law enforcement authority -- hypothetically speaking, of course -- to spoof virtually any other site.
In the May 2010 issue of Linux Magazine, Seifried reports on his own discovery, which goes one very critical step further: You don't need to be a government, he found, to compel a certificate authority (CA) to issue an SSL certificate for a major Web mail service of your choice. You just need a valid credit card.
A Brief summary of how to get certificates for domains you don't own:
1) Find a free Web mail provider.
2) Register an account such as ssladmin.
3) Go to RapidSSL.com and buy a certificate. When given the choice of what email address to use, simply select ssladmin.
4) Go through certificate registration process (this takes about 20 minutes).
5) You will now have a secure Web certificate for that Web mail provider.
"One CA proposed that customers could fax a signed letter on company letterhead as proof that they controlled a domain (Have they not heard of word processors and image editing programs? Or online fax services?). CAs want to sell as many certificates for as little money as they can; if this puts users at risk but doesn't cost the CA anything, then there is no incentive to fix things." reads Seifried's article.
What can the general user do to protect himself against a possible authoritative spoof using a false certificate?
According to Seifried: "Nothing. User education hasn't worked and won't work... The only reason I know the difference is I investigated this a while back; I've been writing about how broken SSL is off and on for a decade now."
"Basically right now, when a CA checks 'ownership' of a domain, it checks one email address, which is trivial to bypass -- especially with, say, a free Web mail provider," he continued. "If it were to add more checks -- i.e., the CA generates a random string (say an MD5 sum) and requires you to place 8987a978d987e987c978.html or whatever in your webroot at www.yourdomain.com to prove you have control over the Web server as well; and maybe a DNS check, like requiring you to create a DNS record of iugasdcviuoba.yourdomain.com to prove that you have control over the DNS -- that would greatly help, because in that case, you either are a legit domain owner, or the attacker has such a degree of control over your domain that any checks won't matter.
"But then buying a certificate would take time and the verification process would fail more often (waiting for DNS propagation/etc.), so it's very unlikely to happen. Once you get a certificate in the root CA store, you basically have a license to print money," concluded Seifried.
So the next time you think an online transaction is secure, well think again...