Comodo compromise demonstrates need for DNSSec migration
Comodo, a company you probably never heard of which holds one of the many master keys to the Internet’s SSL X.509 Public Key Infrastructure (PKI) system, admitted that their root certificate authorities have been compromised by attackers. Those attackers issued themselves SSL certificates for seven companies including Google, Skype, and Yahoo so they can fully masquerade as one of the seven companies with legitimate looking SSL certificates. Comodo responded by revoking those certificates, but that won’t offer full protection until every device on the planet replicates the revocations and we have only Comodo’s word that more certificates haven’t been compromised.
This attack highlights a much more fundamental problem with X.509. A lot of large companies will say “oh but we use more reputable certificate authorities for SSL”, but it doesn’t matter because the fundamental weakness of X.509 allows any one of the many certificate authorities to compromise the entire SSL PKI system. Any nation (including rogue states) have access to the master keys. Anyone willing to spend around $40,000 can simply buy themselves access to a root certificate (essentially a “master key”) that would allow them to create any SSL certificate they desire. Although the terms of the root certification signing authority contractually forbid buyers from abusing their root certificate, it’s a useless trust based on the honor system.
DNSSEC is a new secure Domain Name System (DNS) that also has the ability to replace the fundamentally weak X.509 PKI system. DNSSEC security is vastly more secure because of the following design principles.
- Only the DNSSEC roots have master keys. By comparison, there are dozens of root authorities for X.509 and anyone with $40K or anyone who compromises one of the many root authorities have access to the master key.
- Each DNSSEC root doesn’t have a full master key. The .com root can’t sign for the .ca or .cn root.
- DNSSEC delegates limited signing authority to each domain owner. Each domain owner can sign their own certificates for their own servers and users, but they can only sign it for their own domain which eliminates the threat of cross-domain signing abuse possible with the current X.509 PKI system.
- Domain owners don’t need to pay hundreds of dollars for each server or user certificate like the current X.509 PKI racket. Not only does this save companies money, it removes barriers for the adoption of secure communications. Certificate Authority companies should earn their money providing services of value, not signing a few bits for customers who had no choice before DNSSEC.