Last updated 30 Dec 2012

650 Organizations world-wide can install X509 Certificates on your PC

The Internet has always needed to support secure communications; the problem has been how to do it. At the start of the Internet age there was a plan for a world-wide global directory based on a standard called X500, which grew out of the need of large organizations to communicate in a secure way (not just over a secure communications link, but knowing that you are sending to, and receiving from, the right people).

The growth of the Internet effectively sidelined this effort. The apparent solution was to introduce a new standard called X509, which allows digital certificates to be issued by a number of authoritative servers (run by Certificate Authorities, or CAs) so that sender and recipient can sign and encrypt data and send it over an open network. Obviously you don't want to go through all this every time you just want to buy something from a web site, so a specific class of certificate was introduced to handle the encryption between your web browser and the server hosting the web site you are connected to. This class makes use of so-called SSL (Secure Sockets Layer) certificates.

A recent project by the Electronic Frontier Foundation (EFF) to map the organizations that function as Certificate Authorities has shown that there are about 650 of them. Each of them can install a digital certificate on your PC, and this may be done silently and without your knowledge.

The EFF has also discovered that one of these organizations, Verizon, has allowed another organization to compromise security (see the notable breaches link).

This has happened because responsibility for security has effectively been delegated by the web browser designers (for example Microsoft and Mozilla) to other organizations through the Certificate Authority structure. The EFF has concerns about the role and practices of these CAs (see the project link above). You cannot delegate this responsibility without appropriate checks and balances, accountability and oversight, but unfortunately these do not currently exist. The financial crisis of 2007 and 2008 has also undermined trust in large organizations, and company governance (or the lack of it) varies by country.

As an example of the EFF's concern, some CAs produced certificates for the same IP address, 192.168.1.2, which is a private address reserved by IANA (the Internet Assigned Numbers Authority) under RFC 1918. These certificates give the location of the original request as Belgium, Switzerland, the US and the UK. In the UK example, the certificate is for the BAA (British Airports Authority) Pension Trust. The valid dates are from 06 Aug 2009 to 07 Aug 2010, and yet the public key is only 1024 bits long, with a signature based on the SHA1 hash function. Although the hash is OK, the key length should be at least 2048 bits: NIST (the National Institute of Standards and Technology in the US) recommends 2048 bits as the minimum key length after 31 Dec 2010. The other somewhat bizarre thing is that this certificate contains not only the above private address but also the public (and routable) IP address 77.76.108.82. A quick Whois lookup shows the following details (as of 30 Apr 2011):

Owner: Timico Limited
Address: Timico Limited Beacon Hill Park, Newark NG24 2TN Nottinghamshire UNITED KINGDOM
Country: GB
IP Address Range: 77.76.64.0 to 77.76.127.255

The problem here is that we have a certificate bound to a public IP Address instead of a meaningful domain name (and domains usually persist as long as a company exists, whilst IP Addresses will change over time as the domain owner changes Internet providers).

Another example that the EFF gives (and which is worthy of note) is that some 6000 certificates were issued for the name localhost, treated as if it were a unique and valid host name, whereas it simply equates to the PC loopback address 127.0.0.1. Obviously the validation procedures for these certificates were either not enforced or were non-existent. The CAs that issued such certificates included:

Cybertrust
Entrust
Equifax
Microsoft
Verisign
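The checks implied by the two examples above (IP-address subjects including the RFC 1918 one, the 1024-bit key, and certificates issued for localhost), as an added Go example that is not part of the original article or of the EFF project. It constructs a self-signed stand-in for the BAA Pension Trust certificate (a freshly generated key and a constructed certificate, not the real one) and audits it with Go's standard crypto/x509 package; the function and message names are my own.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"math/big"
	"net"
	"time"
)

// AuditCert lists, for one parsed certificate, the issuance weaknesses the EFF survey highlighted.
func AuditCert(c *x509.Certificate) []string {
	var flags []string
	for _, ip := range c.IPAddresses { // IPs move with the ISP; a certificate should name a domain
		flags = append(flags, "bound to an IP address, not a domain name: "+ip.String())
		if ip.IsPrivate() || ip.IsLoopback() {
			flags = append(flags, "non-routable (RFC 1918 or loopback) IP: "+ip.String())
		}
	}
	for _, name := range c.DNSNames {
		if name == "localhost" {
			flags = append(flags, "issued for localhost, a name no CA can validate")
		}
	}
	if pub, ok := c.PublicKey.(*rsa.PublicKey); ok && pub.N.BitLen() < 2048 {
		flags = append(flags, "RSA key shorter than the 2048 bits NIST recommends")
	}
	return flags
}

// SampleCert is a constructed self-signed stand-in for the article's BAA Pension Trust certificate.
func SampleCert() (*x509.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, 1024) // deliberately short, as in the example
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Date(2009, 8, 6, 0, 0, 0, 0, time.UTC),
		NotAfter:     time.Date(2010, 8, 7, 0, 0, 0, 0, time.UTC),
		IPAddresses:  []net.IP{net.ParseIP("192.168.1.2"), net.ParseIP("77.76.108.82")},
		DNSNames:     []string{"localhost"}, // the name 6000 certificates were issued for
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
```

Run against the sample, AuditCert returns five flags: both IP bindings, the non-routable 192.168.1.2, the localhost name and the short key.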

The EFF project has shone a light on the anarchic way in which CAs issue certificates, which is normally hidden from public view until a notable breach occurs. If you want a good overview of the current state of the SSLiverse, as the EFF has named it, start with their 27C3 talk (a PDF file) on the EFF project link above (and look out for the certificate issued to the Ministere de la Justice for ECommerce using the MD5 signature algorithm, which was cracked years ago, and the Extended Validation (EV) certificate which expires in 2012 and has a key length of 512 bits instead of the recommended 2048 bits).

AllIncontext Limited is registered in England, No 04624520. Registered office address: 12-14 High Street, Petersfield, Hampshire, GU32 3JG.
