The author doesn't explain at all why he thinks that not using StartSSL solves any problem. This indicates a major and common misunderstanding of how certificates and PKI work.
Essentially it doesn't matter which Certificate Authority you use for security reasons - because any CA can attack you, whether you're their customer or not. This can only be mitigated by using key pinning (hpkp), but then - at least if you pin leaf certificates - it still doesn't matter which CA you choose.
Every text that indicates "I don't trust CA X for reason Y, therefore I don't use them" is based on a misunderstanding of how certificates work.
(And yes - I know that there is the issue that you can let StartSSL create the private key for you. Just don't do this ever, no matter which CA you use.)
> Firefox (and Chrome) disable Pin Validation for Pinned Hosts whose validated certificate chain terminates at a user-defined trust anchor (rather than a built-in trust anchor).
I understand this as "when using HPKP, you have to pin a CA certificate, not your site's leaf certificate". If this understanding is correct, I think your comment about HPKP is wrong and it is in fact a good idea to use a CA you find trustworthy and pin its certificate. Agree?
> "I don't trust CA X for reason Y, therefore I don't use them" is based on a misunderstanding of how certificates work.
I don't think so. If you don't trust a particular CA then you shouldn't in good conscience make trusting them a requirement to access your services. And by using an untrustworthy CA you are making it harder for browsers and distribution maintainers to distrust them if they start abusing that trust.
If you use StartSSL, and then down the line they go well and truly rogue, browser vendors will have to consider ceasing to trust StartSSL in future releases. If your site is popular, it will be one more reason for them not to do that, which would leave their users less safe. If they do decide to untrust StartSSL, this will break your site.
Well, you could pin your CA's certificate so at the very least your repeat users won't be at risk but fundamentally you're right and it is a common misconception.
It's proven in the past that they're not a security company for anything that deals with protecting yourself against snooping by the Chinese state and will negatively affect your security.
Seeing this in relation to free SSL intended to be deployed all over the internet. Yeah, that is worrying.
For Chinese people working in IT industry, Qihoo is an awful company for the reasons mentioned above, but also for allegedly assisting government Internet censorship.
I've worked with a company that at least 30% of our user base uses Qihoo brower. They blocked few of our domains and now, someone from Qihoo asked us to pay so that they will unblock our domains.
Example, try search proprietary software, say 'Autocad', first few results are always pirate sites, while google will show the Autodesk site and the wikipedia post.
Recently Baidu also under the spotlight for monetizing illness-related forums[1]. The issue is some patients accused the Internet giant selling their private info to _unqualified_ private hospitals. These hospitals charge a lot but usually their hardware and staff are underqualified.
Qihoo offers CDN and managed DNS services[1]. The choice is odd on StartSSL's part but may not be necessarily insidious.
What more, not using their services does not enhance or harm your security in many meaningful way as long as they remain a trusted CA who can sign any domain they want to. If nation-state espionage is really a concern for you, take a few minutes of your time and purge the list of trust anchors installed on your OS[2].
There's really not much reason to use StartSSL now that Let's Encrypt, AWS Certificate Manager and others offer free certs with vastly better support, tooling and interfaces.
StartSSL has some of the worst support I've ever encountered. Normally bad support means clueless or non-responsive. However StartSSL support is often actively hostile, treating customers as idiots or worse. I should point out that this isn't always the case, and I have used them in the past without trouble, but the times when it is bad are bad enough to write them off. Their site also looks like it was made in 1998, and while using client certificates is secure and everything, it's also seriously user-hostile. I have to remember which computer and browser I used a year ago to sign up? Yeah, I know I should back up client certificates, but seriously who does that?
When I can use Let's Encrypt to get a certificate in production without running anything on my production web server, I'll consider it. Right now, StartSSL validates my domain via email and I only have to touch it once a year, not once every 3 months like Let's Encrypt.
Just today, I'm setting up my first https by myself.
Started with Let's Encrypt. Running Mac OS X. Failed. Guessed cause has something to do with macports vs homebrew and having the proper Python version active. Disabled macports. Now the app runs.
But I got "Failed to connect to host for DVSNI challenge".
Start googling, reading, messing around with this for a while. No joy.
Bailed on Let's Encrypt, started over with StartSSL, because its the first source of free for not-for-profit certs I found.
Lack of support for wildcard certificates is still an issue for Let's Encrypt. Rate limiting and SNI are two issues that means a wildcard certificate is still highly desirable.
Except for third-party services you need to provide your own SSL certificates for. AFAIK there's no way to automate renewing the certificate you use for GitHost (with a custom domain), for example.
The author doesn't say why this is worrisome. He just says he's worried "that the PKI front-end (auth.startssl.com) is now hosted within a Chinese Antivirus Company, who uses a Chinese ISP for 2 months and that there hasn't been any news around".
The article could certainly use a bit more connecting-the-dots to show how he gets from "they're hosted in China" to "I won't use them anymore".
I think the implication is that the Chinese government exerts a lot of control over the internet there, and are openly monitoring/intercepting internet traffic. As such, they shouldn't be considered a trusted authority for security related purposes.
Fine, stop using them. You still trust them. Your visitors browsers still trust them. Being paranoid wrt a Chinese CA really makes no sense. They have as much incentive as a western CA to behave wrt keeping their signing keys secure, and their revocation list sensible, which is all that really matters.
There are many things to take into account when choosing a CA to use for your site. But security, jurisdiction and any history of mis-issuance are not relevant to you; only reliers. And no relier has any choice in the matter anyway, or any economic relationship they can terminate.
(Things change if you start to use HPKP and pin to a particular root; nobody does that though because it's an availability and economic nightmare.)
Western CA's and ISPs are just as "state encumbered" as Chinese ones. We just turn a blind eye, for some reason.
It would be so easy for NSA/GCHQ to recruit or place an "agent" inside of any Western CA or ISP they wanted. There is even evidence in recent years that this has been happening.
This was merely the most recent incident. Yes Symantec covered it up quite nicely and framed it as a test that went wrong (the Russian's used that excuse with Chernobyl) but there is no evidence those "rogue employees" were not acting for the state i.e. the USA.
Still think the West CA's and ISPs are better than Chinese ones?
The only question you need to ask yourself is: Which government would you rather have eyes on your data? One might surmise that if you have something to hide from Western eyes then use a Chinese provider. And if you have something to hide from Chinese eyes then use a Western provider. The balance of probabilities, I believe, backs this up.
On a related note, Cloudflare use Baidu servers in China operated by Baidu staff. My understanding is that this means private SSL keys given to Cloudflare live on Baidu owned and operated servers.
They offer "keyless" ssl which puts the private key back in the data center but this adds complexity and latency on the initial connect so I suspect most don't use it.
CloudFlare's network in China does not contain configuration, settings, SSL certificates etc. from non-China CloudFlare customers. We run separate infrastructure there and only if you go through the hoops to expose your web site on our network inside China do we send information about your web site there.
[quote]For the moment the China network does not support HTTPS traffic (HTTP only). Support for SSL/TLS will be made available in the coming months.[/quote]
As long as you don't sign in to China servers, they won't put you there. Even if you want to, first you need valid ICP certificate issued by Chinese govt.
Baidu is like Google but in China. They must already have a certificate in any browser's trust store. And also, think about all the keys contained in AWS servers, and AWS is in America...
"StartSSL already refused to revoke certificates affected by the HeartBleed vulnerability and accused the user from negligence."
That's wrong. They did charge a $25 fee for the revocation, however. I think it's reasonable since there is probably some manual process involved and the certificate was already free. They have to earn money somehow.
Reading this I'm more worried about the personal data StartSSL has about me. I never felt good giving away so much personal data to CAs when acquiring certificates to identify myself. Do we know how StartSSL handles this? Do the Chinese now have a copy of my passport, electricity bill et cetera? (well, I've been to China already, so the state already got my passport, but not necessarily a "private" company).
If the Chinese don't have it, the Mossad does. The fear is real. Maybe StartSSL was only a Mossad front to collect valid/real identities from around the world to use on covert ops.
I personally have a serious problem dealing with the state of china's telecommunications. It's about as close to evil as you can get. I'm not saying other state actors are much better but, I'm just saying ...
I had a bad experience with StartSSL using their free SSL cert. Basically they just treat you like a thief or scumbag trying to take advantage of their freebie. Eventually I found a company selling $10/year cert which I am happily paying. Now this adds another excuse for me to avoid StartSSL even more.
[+] [-] hannob|10 years ago|reply
Essentially it doesn't matter which Certificate Authority you use for security reasons - because any CA can attack you, whether you're their customer or not. This can only be mitigated by using key pinning (hpkp), but then - at least if you pin leaf certificates - it still doesn't matter which CA you choose.
Every text that indicates "I don't trust CA X for reason Y, therefore I don't use them" is based on a misunderstanding of how certificates work.
(And yes - I know that there is the issue that you can let StartSSL create the private key for you. Just don't do this ever, no matter which CA you use.)
[+] [-] maggit|10 years ago|reply
Quoting https://developer.mozilla.org/en/docs/Web/Security/Public_Ke...:
> Firefox (and Chrome) disable Pin Validation for Pinned Hosts whose validated certificate chain terminates at a user-defined trust anchor (rather than a built-in trust anchor).
I understand this as "when using HPKP, you have to pin a CA certificate, not your site's leaf certificate". If this understanding is correct, I think your comment about HPKP is wrong and it is in fact a good idea to use a CA you find trustworthy and pin its certificate. Agree?
[+] [-] Spivak|10 years ago|reply
I don't think so. If you don't trust a particular CA then you shouldn't in good conscience make trusting them a requirement to access your services. And by using an untrustworthy CA you are making it harder for browsers and distribution maintainers to distrust them if they start abusing that trust.
[+] [-] tptacek|10 years ago|reply
[+] [-] MBlume|10 years ago|reply
[+] [-] blfr|10 years ago|reply
[+] [-] philbarr|10 years ago|reply
Can you (or someone) explain why this is? I don't understand.
[+] [-] mfjordvald|10 years ago|reply
It's proven in the past that they're not a security company for anything that deals with protecting yourself against snooping by the Chinese state and will negatively affect your security.
Seeing this in relation to free SSL intended to be deployed all over the internet. Yeah, that is worrying.
[+] [-] steve371|10 years ago|reply
a. they labeled their own browser as a Microsoft security update, which triggered MS investigation
b. they cheated on the anti-virus lab testing and got banned. ....etc.
[+] [-] dujiulun2006|10 years ago|reply
Now let's make their awful name worldwide. ;)
[+] [-] eva1984|10 years ago|reply
It has absolutely no respect to user privacy, and will not hesitate to threaten users into their favor, if that doesn't work, hijack your computer.
Shameless, no bottomline......it is worst of the worse.
Mark my words. DONT EVER TRUST IT.
[+] [-] jaysoncena|10 years ago|reply
[+] [-] happywolf|10 years ago|reply
Example, try search proprietary software, say 'Autocad', first few results are always pirate sites, while google will show the Autodesk site and the wikipedia post.
Recently Baidu also under the spotlight for monetizing illness-related forums[1]. The issue is some patients accused the Internet giant selling their private info to _unqualified_ private hospitals. These hospitals charge a lot but usually their hardware and staff are underqualified.
[1] http://www.chinadaily.com.cn/business/2016-01/12/content_230...
[+] [-] kccqzy|10 years ago|reply
[+] [-] Laforet|10 years ago|reply
What more, not using their services does not enhance or harm your security in many meaningful way as long as they remain a trusted CA who can sign any domain they want to. If nation-state espionage is really a concern for you, take a few minutes of your time and purge the list of trust anchors installed on your OS[2].
[1]:https://cdn.cloud.360.cn/
[2]:https://github.com/chengr28/RevokeChinaCerts
[+] [-] bjacobel|10 years ago|reply
[+] [-] ascorbic|10 years ago|reply
[+] [-] aftbit|10 years ago|reply
[+] [-] specialist|10 years ago|reply
Started with Let's Encrypt. Running Mac OS X. Failed. Guessed cause has something to do with macports vs homebrew and having the proper Python version active. Disabled macports. Now the app runs.
But I got "Failed to connect to host for DVSNI challenge".
Start googling, reading, messing around with this for a while. No joy.
Bailed on Let's Encrypt, started over with StartSSL, because its the first source of free for not-for-profit certs I found.
Happy to take recommendations for alternatives.
[+] [-] 0x0|10 years ago|reply
[+] [-] cm2187|10 years ago|reply
[+] [-] Tepix|10 years ago|reply
[+] [-] josteink|10 years ago|reply
Have you tried using it? On every domain I've tried to obtain a cert it has failed.
For me StartSSL may be suboptimal, but at least it works, which is more than I can say for Letsencrypt in its current state.
[+] [-] pluma|10 years ago|reply
[+] [-] larrymcp|10 years ago|reply
The article could certainly use a bit more connecting-the-dots to show how he gets from "they're hosted in China" to "I won't use them anymore".
[+] [-] taneq|10 years ago|reply
[+] [-] nly|10 years ago|reply
[+] [-] ctz|10 years ago|reply
There are many things to take into account when choosing a CA to use for your site. But security, jurisdiction and any history of mis-issuance are not relevant to you; only reliers. And no relier has any choice in the matter anyway, or any economic relationship they can terminate.
(Things change if you start to use HPKP and pin to a particular root; nobody does that though because it's an availability and economic nightmare.)
[+] [-] nbevans|10 years ago|reply
It would be so easy for NSA/GCHQ to recruit or place an "agent" inside of any Western CA or ISP they wanted. There is even evidence in recent years that this has been happening.
http://www.theregister.co.uk/2015/09/21/symantec_fires_worke...
This was merely the most recent incident. Yes Symantec covered it up quite nicely and framed it as a test that went wrong (the Russian's used that excuse with Chernobyl) but there is no evidence those "rogue employees" were not acting for the state i.e. the USA.
There was also the recent incident with Juniper networks and the state-sponsored backdoor that had been present in much of their network gear for a few years. See: http://www.wired.com/2015/12/researchers-solve-the-juniper-m...
Still think the West CA's and ISPs are better than Chinese ones?
The only question you need to ask yourself is: Which government would you rather have eyes on your data? One might surmise that if you have something to hide from Western eyes then use a Chinese provider. And if you have something to hide from Chinese eyes then use a Western provider. The balance of probabilities, I believe, backs this up.
[+] [-] mmaunder|10 years ago|reply
http://www.cnbc.com/2015/09/14/chinas-baidu-and-cloudflare-i...
They offer "keyless" ssl which puts the private key back in the data center but this adds complexity and latency on the initial connect so I suspect most don't use it.
[+] [-] jgrahamc|10 years ago|reply
Your "understanding" is completely wrong.
CloudFlare's network in China does not contain configuration, settings, SSL certificates etc. from non-China CloudFlare customers. We run separate infrastructure there and only if you go through the hoops to expose your web site on our network inside China do we send information about your web site there.
Source: me (I'm CloudFlare's CTO)
[+] [-] dujiulun2006|10 years ago|reply
[quote]For the moment the China network does not support HTTPS traffic (HTTP only). Support for SSL/TLS will be made available in the coming months.[/quote]
As long as you don't sign in to China servers, they won't put you there. Even if you want to, first you need valid ICP certificate issued by Chinese govt.
[+] [-] baby|10 years ago|reply
[+] [-] Tepix|10 years ago|reply
"StartSSL already refused to revoke certificates affected by the HeartBleed vulnerability and accused the user from negligence."
That's wrong. They did charge a $25 fee for the revocation, however. I think it's reasonable since there is probably some manual process involved and the certificate was already free. They have to earn money somehow.
[+] [-] derFunk|10 years ago|reply
[+] [-] testerooooooo|10 years ago|reply
[+] [-] daryltucker|10 years ago|reply
[+] [-] hoodoof|10 years ago|reply
[+] [-] mchahn|10 years ago|reply
[+] [-] happywolf|10 years ago|reply
[+] [-] chebum|10 years ago|reply
[+] [-] unknown|10 years ago|reply
[deleted]
[+] [-] ck2|10 years ago|reply
Then you could have a choice of multiple authorities verifying each other, independent and commercial.
[+] [-] prusswan|10 years ago|reply
[+] [-] mwcampbell|10 years ago|reply
[+] [-] Tepix|10 years ago|reply
[+] [-] Kovah|10 years ago|reply