Extended validation SSL March 2007 Tim Moses (chair, CA / Browser Forum)


Page 1

Extended validation SSL

March 2007

Tim Moses (chair, CA / Browser Forum)

Page 2

© Copyright Entrust, Inc. 2005

Overview

• Browser security

• Site authentication

• The history of SSL

• Extended validation in the browser

• Extended validation certificates

• Not a silver bullet

Page 3

There’s a problem with the Web

Gartner reports …

• From mid-2005 until mid-2006, about 15 million Americans were victims of fraud that stemmed from identity theft

– an increase of more than 50 percent from the estimated 9.9 million in 2003

• The average loss of funds in a case of identity theft was $3,257 in 2006

– up from $1,408 in 2005

• An average of 61 percent of funds were recovered in 2006

– down from 87 percent in 2005

Page 4

New Phishing Sites

(Chart; source: Morgan Keegan/UBS, Jul 2006)

Page 5

Web vulnerabilities

(Diagram of threats along the path from user to site)

• Malicious code

• HTTP proxy caching

• Cross-site scripting

• Man-in-the-middle

• Site impersonation

• ISP eavesdropping

• DNS caching

• Local area eavesdropping

Page 6

First-party accreditation

• Self-signed SSL certificate

– Trust dialog

– Help-desk calls

• Security toolbar

• Security toolbar

Page 7

Browser toolbars

Page 8

Third-party accreditation

• SSL certificates

Page 9

The early years (mid 90s)

• Threats to the Web

– Site defacement

– ISP eavesdropping

• Netscape developed SSL

• Simple trust indicators

– Look for the golden key or padlock to check that you are safe

• Computer-literate users

• URL that reflects the name of the organization

• Common issuing practices

– VeriSign Class 3

• Although …

– There were no strict criteria for the use and management of roots in browsers

Page 10

Mid-life (2000 – 2001)

• ABA [1] developed PKI Assessment Guidelines

• Audit profession recognized a need for criteria

• AICPA [2] & CICA [3]

• Audit criteria “WebTrust for CAs”

• Similar standard in Europe: ETSI [4] TS 101 456

• Adopted by Microsoft as a requirement for including roots in Windows

– Other browser suppliers followed Microsoft’s lead

• But …

– There were serious omissions

– They do not specify what identifying information has to be included in a certificate

– Or how to validate that that information is correct

– Users are supposed to review the CPS

[1] American Bar Association

[2] American Institute of Certified Public Accountants

[3] Canadian Institute of Chartered Accountants

[4] European Telecommunication Standards Institute

Page 11

The SSL certificate marketplace

(Chart: Rigour (= cost, delay, inconvenience) plotted against Price, with GoDaddy, GeoTrust, VeriSign and Entrust positioned in increasing order)

Other CAs: Comodo, CyberTrust, DigiCert, Ipsca, Notaris, QuoVadis, Trustis, XRamp

All certificates cause the lock to display

Domain-validated certificates

Organizationally-validated certificates

Page 12

Trust indicators

Yellow address bar

Golden padlock

Page 13

Evidence of a problem

• Domain-validated SSL certificates have been issued to phishing sites

• User confusion

– Does the golden padlock mean I’m secure?

– Does SSL provide authentication or just confidentiality?

Page 14

CA / Browser Forum (2005)

• Major CAs and browser suppliers got together

• Formed the CA / Browser Forum

• Objective – Improve trustworthiness of the Web

• Project to develop certificate issuance guidelines for new browser trust indicators

• Microsoft has adopted an interim draft of the CABForum guidelines as the criteria for inclusion in their root embedding program

Page 15

IE7 Phishing filter and EV SSL

(Address-bar states shown: Phishing, Suspected phishing, HTTP, HTTPS, EV)

Page 16

IE7 UI details

Green address bar

Golden padlock

Assumed name, registered name and country, alternating with the issuer’s name

Page 17

Opera 9

Page 18

The SSL Marketplace - after EV (two points of view)

(Chart: two views of the market, “Very high threshold” and “Moderate threshold”, each splitting it between Conventional SSL and EV SSL)

Page 19

EV certificate

• Identified by …

– Particular certificate policy identifier

• Verified contents …

– Registered name (e.g. ACE Aviation Holdings Inc)

– Assumed name (e.g. Air Canada)

– Domain name (e.g. www.aircanada.com)

– Place of business address

– Jurisdiction of incorporation

– Registration number

Note: The CA must also retain verified name and contact details for the applicant
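As an added example (not from the slides or the CA/Browser Forum), the two properties on this slide, a particular policy identifier plus verified identity contents, can be checked on the browser side with Go's standard library. Assumptions: the CA/Browser Forum EV policy OID 2.23.140.1.1 stands in for the browser's per-root allowlist, the jurisdiction-of-incorporation subject attribute is the Microsoft-arc OID used for that field, and the self-signed certificate with "Example Holdings Inc" and registration number 123456 is constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"math/big"
	"time"
)

// CA/Browser Forum EV policy OID (2.23.140.1.1; browsers keep an allowlist of EV OIDs per
// trusted root) and the subject attribute carrying the jurisdiction of incorporation.
var evPolicy = asn1.ObjectIdentifier{2, 23, 140, 1, 1}
var jurisdictionCountry = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 60, 2, 1, 3}
type Identity struct{ RegisteredName, Jurisdiction, RegistrationNumber string } // shown in the address bar

// CheckEV grants EV treatment only if the EV policy OID is present and every verified
// identity field the guidelines require is populated; anything else is conventional SSL.
func CheckEV(cert *x509.Certificate) (Identity, error) {
	isEV := false
	for _, p := range cert.PolicyIdentifiers { isEV = isEV || p.Equal(evPolicy) }
	if !isEV { return Identity{}, errors.New("no EV policy identifier: treat as conventional SSL") }
	id := Identity{RegistrationNumber: cert.Subject.SerialNumber}
	if len(cert.Subject.Organization) > 0 { id.RegisteredName = cert.Subject.Organization[0] }
	for _, n := range cert.Subject.Names { // every parsed attribute, standard or not
		if n.Type.Equal(jurisdictionCountry) { id.Jurisdiction, _ = n.Value.(string) }
	}
	if id.RegisteredName == "" || id.Jurisdiction == "" || id.RegistrationNumber == "" || len(cert.DNSNames) == 0 {
		return Identity{}, errors.New("EV policy claimed but a verified identity field is missing")
	}
	return id, nil
}

// constructedCert builds a self-signed certificate for this example only (a real EV cert
// comes from an audited CA); ev adds a certificatePolicies extension holding the EV OID.
func constructedCert(ev bool) *x509.Certificate {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"www.example.com"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour),
		Subject: pkix.Name{Organization: []string{"Example Holdings Inc"}, Country: []string{"CA"},
			SerialNumber: "123456", ExtraNames: []pkix.AttributeTypeAndValue{{Type: jurisdictionCountry, Value: "CA"}}}}
	if ev { // certificatePolicies (2.5.29.32) ::= SEQUENCE OF PolicyInformation { policyIdentifier OID }
		val, _ := asn1.Marshal([]struct{ ID asn1.ObjectIdentifier }{{evPolicy}})
		tmpl.ExtraExtensions = []pkix.Extension{{Id: asn1.ObjectIdentifier{2, 5, 29, 32}, Value: val}}
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	cert, _ := x509.ParseCertificate(der)
	return cert
}
```

Note that a certificate which merely claims the EV OID without the verified subject fields is rejected as well, since the identity shown in the location bar is what the user is asked to check.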

Page 20

Verification requirements

• Legal existence

– Government registry

• Operational existence

– Trade accounts

– Bank letter

– Legal opinion

– Accountant’s letter

• Physical existence

– Trade accounts

– Site visits

• Domain name

– WHOIS

– Practical demonstration

Page 21

Other requirements

• Revocation

– Browsers will check for revocation by default, using OCSP, once “stapling” becomes widely available

• Identification and authentication of requestor/approver

• Verification of authority of requestor/approver

• Warranty by CA to subscribers, users and browser suppliers

• Errors and omissions insurance

Page 22

It’s no good if users don’t check!

• EV sites place this graphic on their publicity material, including the Web site

• The message isn’t ‘if you see green you are safe’

• It just reminds the user to check the site identity in the location bar

Page 23

It’s not foolproof – picture-in-picture

Page 24

Conclusion

• Browser security has significant shortcomings

• EV SSL represents a dramatic improvement

• It isn’t foolproof

• User awareness remains a critical issue

• Initial marketplace reaction appears positive

For more information: http://www.cabforum.org/