While I'm in general a fan of PKI, and agree with some of what Phill has to say, a number of things should be kept in mind:

1 - a number of popular applications have been designed to work with a large variety of "trusted root" certificates, by default. For example, I just popped up the list of "trusted root certificates" marked trusted by default in IEv6. I probably miscounted, but I got 106. (YMMV, depending on version, or if you use a different browser, or...) From a whole bunch of different sources.

2 - a number of the entities behind those trusted roots go out of business, or become somebody else, or... A quick quiz, based on the root certs from IEv6 (yes, I know the answer to these questions, but I've been working in the PKI area for over 15 years - how about most people):

- who owns the private keys associated with those 3 "GTE Cyber Trust" root certificates?
- what is that company doing that will conclude by June 30?
- what about the private keys associated with those four "Equifax Secure" root certificates?
- there are at least 10 trusted root certificates marked signed by "DST". What happened to DST?
- there are six certificates marked as being from "Thawte". Who's "Thawte"?
- what about Xcert?

3 - most users will never know enough to delete roots as no longer being trusted (or do what some of us do, and delete them all at system install time; then reinstall just the ones needed, on a need-to-exist basis). Since any cert that chains to any one of those roots will succeed silently in the default configurations of many popular applications, who will know?

The point of this is that if you're going to use a PKI-based approach to combating SPAM, you have to look at the whole problem, as it exists today.

All it takes in the "real world" is a spammer (or friend of such) acquiring the private key associated with any trusted root cert in popular applications, and there you go - SPAM passes your tests/filters until you figure out how to remove the cert from the list of trusted ones. Not something that my mother will easily know how to do.

Al Arsenault

----- Original Message -----
From: "David Morris" <dwm@xpasc.com>
Cc: <ietf@ietf.org>
Sent: Friday, June 06, 2003 1:01 PM
Subject: RE: Certificate / CPS issues

> On Fri, 6 Jun 2003, Hallam-Baker, Phillip wrote:
>
> > Security is risk control, not risk elimination.
>
> Absolutely!
>
> Extending that thought, managing risk is about the cost of loss vs. the
> cost of protection.
>
> Humans make mistakes. Systems fail. Sammy Sosa used the wrong bat. The
> shuttles failed. To reject a service because you have one presumed example
> of failure is not realistic. A pattern of failures would be an issue, just
> like you might avoid purchase of an automobile if Consumer Reports failure
> statistics are abnormally high.
>
> For the objectives we are discussing, I think the failure rate at Verisign
> is not an issue. Most (perhaps all) folks in this discussion seem to agree
> that the issue with spam is in the volume and not the mere existence of
> spam. Social scientists could probably study the parallel growth of spam
> and the corresponding growth in frustration and even end up with a volume
> of spam which most people would be comfortable with. I strongly suspect
> that reducing and keeping spam at 10% of current levels would probably be
> success. Certainly, 1% would be.
>
> On that premise, I'm certain it doesn't matter if 1 of the current 200
> heavy duty spammers gets a fraudulent certificate. That might make final
> identification more difficult, but most of the other mechanisms will still
> function.
>
> 1. Proof of common source of the quantity of emails needed to be
>    ruled as illegal
> 2. Source-based filtering can still block mail identified with the
>    cert
> 3. Once the fraud is discovered, the CA is likely to have process
>    in place to avoid issuing new certs to the same entity
>
> The last time I investigated, Verisign had certificates of different types
> with different prices and levels of identification verification. Even the
> cheapest have some cost and since I doubt that Verisign accepts cash
> payment, there is identity associated with the payment. Worst case is a
> stolen credit card is used to make payment. Since that is an immediate
> felony, it may actually be the best case from anti-spam perspective.
> Because of this cost (and the difficulty of obtaining and risk of using a
> large number of stolen credit cards), it seems less likely that spammers
> will follow the scenario of obtaining a large number of throw away
> certificates.
>
> Conclusion, I don't see the less than 100% trustworthiness of any CA to be
> an impediment to the use of certificates as part of an email origin
> identification scheme. Only a fool would accept a self-signed certificate
> as having any significance so I think the suggestion that the ability of a
> spammer to generate their own storm of certificates has little merit.
>
> Dave Morris
>
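Al's points (1) and (3) above, that a default trust store holds roots from a whole bunch of sources and that most users never audit or prune them, are the kind of thing a defender can at least measure. The script below is an added example and not part of this thread or of any of the products mentioned; it uses only the Python 3 standard library. It takes a list of trust anchors in the dict format `ssl.SSLContext.get_ca_certs()` returns, counts how many distinct organizations the store actually trusts, and flags anchors that have expired or whose issuer name differs from their subject (trust then really rests on some other key). The `SAMPLE_ROOTS` entries are constructed, with fictitious organization names, and `load_system_roots()` simply asks the local OpenSSL default store, which may be empty on a minimal system.

```python
import ssl
import time
from collections import Counter

# Constructed sample trust store in the dict format that
# ssl.SSLContext.get_ca_certs() returns: "subject" and "issuer" are tuples
# of RDNs, each RDN a tuple of (attribute, value) pairs.  None of these
# names or serial numbers correspond to real certificates.
_EXAMPLE_CORP_1 = ((("countryName", "US"),),
                   (("organizationName", "Example Trust Corp"),),
                   (("commonName", "Example Trust Root 1"),))
_EXAMPLE_CORP_2 = ((("countryName", "US"),),
                   (("organizationName", "Example Trust Corp"),),
                   (("commonName", "Example Trust Root 2"),))
_OTHER_LTD = ((("countryName", "GB"),),
              (("organizationName", "Other Trust Ltd"),),
              (("commonName", "Other Cross-Signed Root"),))

SAMPLE_ROOTS = [
    {"subject": _EXAMPLE_CORP_1, "issuer": _EXAMPLE_CORP_1, "version": 3,
     "serialNumber": "01", "notBefore": "Jan 01 00:00:00 1998 GMT",
     "notAfter": "Jun 30 23:59:59 2003 GMT"},
    {"subject": _EXAMPLE_CORP_2, "issuer": _EXAMPLE_CORP_2, "version": 3,
     "serialNumber": "02", "notBefore": "Jan 01 00:00:00 2000 GMT",
     "notAfter": "Jan 01 00:00:00 2025 GMT"},
    # Shipped as an anchor, but issued under a different name: trust in it
    # really depends on whoever holds the issuer's key.
    {"subject": _OTHER_LTD, "issuer": _EXAMPLE_CORP_1, "version": 3,
     "serialNumber": "03", "notBefore": "Jan 01 00:00:00 2001 GMT",
     "notAfter": "Jan 01 00:00:00 2021 GMT"},
]


def rdn_value(name, attribute):
    """Return the first value of `attribute` in an ssl-style name tuple."""
    for rdn in name:
        for attr, value in rdn:
            if attr == attribute:
                return value
    return None


def load_system_roots():
    """Anchors the local OpenSSL default store marks trusted (may be empty)."""
    ctx = ssl.create_default_context()
    return ctx.get_ca_certs()


def audit_trust_store(certs, now=None):
    """Summarise a trust store.  `now` is an OpenSSL-style time string such
    as "Jan 01 00:00:00 2004 GMT" (same format as notAfter); None means the
    current time."""
    now_s = time.time() if now is None else ssl.cert_time_to_seconds(now)
    per_org = Counter()
    expired = []
    not_self_signed = []
    for cert in certs:
        org = rdn_value(cert["subject"], "organizationName") or "<no organizationName>"
        cn = rdn_value(cert["subject"], "commonName") or org
        per_org[org] += 1
        if ssl.cert_time_to_seconds(cert["notAfter"]) < now_s:
            expired.append(cn)
        if cert["subject"] != cert["issuer"]:
            not_self_signed.append(cn)
    return {"total": len(certs), "organizations": len(per_org),
            "per_org": dict(per_org), "expired": expired,
            "not_self_signed": not_self_signed}


def report(certs, now=None):
    """Print the audit in the spirit of the 'quick quiz' above."""
    r = audit_trust_store(certs, now)
    print(f"{r['total']} trusted anchors from {r['organizations']} organizations")
    for org, n in sorted(r["per_org"].items(), key=lambda kv: -kv[1]):
        print(f"  {n:3d}  {org}")
    print("expired anchors:", r["expired"] or "none")
    print("anchors not self-signed:", r["not_self_signed"] or "none")


if __name__ == "__main__":
    print("Constructed sample store, audited as of 2004:")
    report(SAMPLE_ROOTS, now="Jan 01 00:00:00 2004 GMT")
    print("\nLocal OpenSSL default store:")
    report(load_system_roots())
```

Running it against the real default store gives the per-organization count that Al did by hand for IEv6; the questions of who now holds each listed organization's private key still have to be answered by a person, which is the point of his quiz.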