
What prevents us from having to trust Verisign (or its employees) or a government warrant, etc. to not do the same?

Can we leverage signed DNS records to add another layer of control needed? Do we also need encrypted DNS where we can choose who to trust? Are we stuck with the CA trust model?




> What prevents us from having to trust Verisign (or its employees) or a government warrant, etc. to not do the same?

Certificate Transparency. Current browsers are moving to not trust any certificate whose issuance wasn't publicly logged. That doesn't prevent an attacker from issuing an MITM certificate, but doing so would permanently burn a CA. (At least, once the policies are in place and enforced.)


The thing with certificates is that they not only add security, but they also act as a signature.

If Verisign delivers a certificate with the wrong domain, you'll be able to know that Verisign signed that certificate.

They could certainly say it was a mistake somewhere in the process, but that argument won't work forever.

At one point, sadly, you need to trust someone. This model at least gives you a way to prove that trust has been broken.


Trusted certificate authorities log issued certificates to verified certificate transparency logs.

Site owners can monitor these logs for rogue certs issued for their own domains.
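How a relying party can check that a certificate's issuance was logged, as an added example that is not part of this thread: logs hand back Signed Certificate Timestamps (SCTs), which the CA or server embeds in the X.509 extension 1.3.6.1.4.1.11129.2.4.2 as an OCTET STRING wrapping the TLS-encoded list from RFC 6962. The parser below decodes that list and runs on a constructed sample; verifying each SCT's signature against the log's public key is omitted, and `distinct_logs` is a simplified stand-in for browser policy rather than any browser's actual rule.

```python
import struct
from datetime import datetime, timezone

def parse_sct(sct: bytes) -> dict:
    """Decode one SignedCertificateTimestamp (RFC 6962 section 3.2), v1 only."""
    if len(sct) < 43 or sct[0] != 0:
        raise ValueError("truncated or unsupported SCT")
    log_id = sct[1:33]                           # SHA-256 of the log's public key
    ts_ms = struct.unpack(">Q", sct[33:41])[0]   # milliseconds since the Unix epoch
    p = 43 + struct.unpack(">H", sct[41:43])[0]  # skip extensions; DigitallySigned follows
    if p + 4 > len(sct):
        raise ValueError("truncated SCT signature header")
    hash_alg, sig_alg = sct[p], sct[p + 1]       # CT mandates SHA-256 (4) with ECDSA (3)
    sig_len = struct.unpack(">H", sct[p + 2:p + 4])[0]
    signature = sct[p + 4:p + 4 + sig_len]
    if len(signature) != sig_len:
        raise ValueError("truncated SCT signature")
    return {"log_id": log_id.hex(), "hash_alg": hash_alg, "sig_alg": sig_alg,
            "timestamp": datetime.fromtimestamp(ts_ms / 1000, tz=timezone.utc),
            "signature": signature}

def parse_sct_list(blob: bytes) -> list[dict]:
    """Decode a SignedCertificateTimestampList (2-byte total length, then length-prefixed SCTs)."""
    if len(blob) < 2 or struct.unpack(">H", blob[:2])[0] != len(blob) - 2:
        raise ValueError("bad SCT list length")
    pos, scts = 2, []
    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError("truncated SCT length")
        n = struct.unpack(">H", blob[pos:pos + 2])[0]
        if pos + 2 + n > len(blob):
            raise ValueError("SCT overruns list")
        scts.append(parse_sct(blob[pos + 2:pos + 2 + n]))
        pos += 2 + n
    return scts

def distinct_logs(scts: list[dict]) -> int:
    """How many different logs vouched for the cert. A bare count is a simplified
    stand-in (assumption): real browser policy also weighs operators and cert lifetime."""
    return len({s["log_id"] for s in scts})

# Constructed sample data: signature bytes are placeholders, not real ECDSA output.
def encode_sct(log_id: bytes, ts_ms: int, signature: bytes) -> bytes:
    body = b"\x00" + log_id + struct.pack(">Q", ts_ms) + b"\x00\x00"  # v1, no extensions
    body += b"\x04\x03" + struct.pack(">H", len(signature)) + signature
    return struct.pack(">H", len(body)) + body

_items = (encode_sct(b"\x11" * 32, 1_600_000_000_000, b"\xaa" * 70)
          + encode_sct(b"\x22" * 32, 1_600_000_001_000, b"\xbb" * 71))
SAMPLE_SCT_LIST = struct.pack(">H", len(_items)) + _items
```

A cert whose list decodes cleanly but carries SCTs from only one log, or none at all, is the case a site owner watching the logs for their own domain would want flagged alongside any entry they did not request.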


You're right, trust is a major issue with any PKI. You can find hundreds of research papers and blog posts and probably even a few whole books on the topic, I'm sure :)



