More on certificate authority proliferation

Cryptographer Bruce Schneier linked to my Slate piece on rogue certificate authorities (CAs), which could allow governments like the UAE to monitor even the supposedly secure communications of journalists and others.

The smart comments include a link to this fascinating discussion at Mozilla that shows the procedures that browser-makers use when deciding which certificates to include in their root store (the list of certificates that the browser will assume to be trustworthy). It looks like the root certificates are supposed to comply with a policy that subordinate CAs must only be used for internal purposes, but there’s no way to enforce that.

One solution is to restrict subordinate CAs so that they can be used only for a selected set of domain names. That would mean that Etisalat or the Department of Homeland Security or Ford Motors could only use the power of their CA for their own use (and not maliciously to pretend to be Gmail or your bank), but it might be difficult to impose that retrospectively on the unknown number of universal CAs that are now out there.
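The domain restriction described above corresponds to the X.509 name constraints extension defined in RFC 5280. As an added example, not code from the original post, this Python shows the dNSName check a validating client applies to a certificate chain; the CA names and domains are constructed, and the dictionary layout is an assumption made for illustration.

```python
# Added illustration of RFC 5280 dNSName name constraints.
# Every CA name and domain here is constructed sample data.

def within(name, subtree):
    """True if name equals subtree or adds whole labels to its left."""
    n = name.lower().strip(".").split(".")
    s = subtree.lower().strip(".").split(".")
    return len(n) >= len(s) and n[-len(s):] == s

def ca_allows(ca, name):
    """Apply one CA's constraints; excluded subtrees win over permitted."""
    if any(within(name, e) for e in ca.get("excluded", [])):
        return False
    permitted = ca.get("permitted")  # None: no restriction (a "universal" CA)
    return permitted is None or any(within(name, p) for p in permitted)

def violations(chain, leaf_names):
    """Every CA in the chain must allow every name in the leaf certificate."""
    return [(name, ca["subject"])
            for name in leaf_names
            for ca in chain
            if not ca_allows(ca, name)]

CHAIN = [
    {"subject": "Example Root CA"},  # unconstrained
    {"subject": "Example Motors Internal CA",
     "permitted": ["motors.example"],
     "excluded": ["legacy.motors.example"]},
]

if __name__ == "__main__":
    for names in (["intranet.motors.example"],
                  ["mail.webmail.example"],
                  ["evilmotors.example"],
                  ["old.legacy.motors.example"]):
        bad = violations(CHAIN, names)
        print(names, "accepted" if not bad else f"rejected: {bad}")
```

The restriction only holds if the client software validating the chain processes the extension, which is why RFC 5280 requires CAs to mark it critical. A subordinate CA certificate issued without the extension stays unconstrained until it is reissued or removed from trust.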