[openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

Michael Wojcik Michael.Wojcik at microfocus.com
Fri Dec 7 22:44:23 UTC 2018

> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Blumenthal, Uri - 0553 - MITLL
> Sent: Friday, December 07, 2018 15:30

> If there's a non-EV CA that would give you a cert for DNS name amazon.com - I'd like to make sure it's in my list and
> marked Not Trusted.

Wrong threat model, I think. While it's certainly possible that someone could trick or coerce one of the (many) CAs trusted by popular browsers into issuing a DV certificate for *.amazon.com or similar, Certificate Transparency would (eventually) catch that.

Homograph attacks combined with phishing would be much cheaper and easier. Get a DV certificate from Let's Encrypt for anazom.com or amazom.com, or any of the Unicode homograph possibilities (Cyrillic small letter a and small letter o are both applicable here) to catch the vast majority of users who haven't enabled raw punycode display (assuming their browser even supports it). Phishing is easy with a forged Amazon email about any purchase - users will tend to think someone has hacked their Amazon account and follow the link to investigate without questioning the provenance of the link itself.

Part of the point of EV certificates was supposed to be making the difference in trust visible to end users. If user agents ignore the EV distinction, then I for one don't see how EV certificates are worth a premium. Stronger requirements don't accomplish anything if those requirements can't be verified by the vast majority of users.

Michael Wojcik
Distinguished Engineer, Micro Focus
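As an added illustration of the two lookalike families mentioned above (typosquats such as anazom.com and mixed-script homographs using Cyrillic letters), here is a small checker of the kind a mail gateway or link-scanning tool could run on hostnames in a URL before a user ever sees them. It is not code from this thread or from OpenSSL; the lookalike table, the watch list and the distance threshold are constructed assumptions for the example. It renders the hostname the way a browser with punycode display would, flags labels that mix scripts, and compares a "skeleton" of the name against a list of brand domains.

```python
import unicodedata

# Constructed mapping (assumption, not exhaustive): Cyrillic letters that
# render identically or near-identically to Latin ones in most fonts.
LATIN_LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i", "\u0458": "j",
}


def to_punycode(hostname):
    """Render a hostname the way a browser with raw punycode display would."""
    return hostname.encode("idna").decode("ascii")


def scripts_in(label):
    """Set of script names (first word of the Unicode character name) used by letters in a label."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}


def is_mixed_script(hostname):
    """True if any DNS label mixes scripts, e.g. one Cyrillic letter among Latin ones."""
    return any(len(scripts_in(label)) > 1 for label in hostname.split("."))


def skeleton(hostname):
    """Replace known lookalike letters with the Latin letter they imitate."""
    return "".join(LATIN_LOOKALIKES.get(ch, ch) for ch in hostname.lower())


def edit_distance(a, b):
    """Levenshtein distance, used to catch typosquats like anazom.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess(hostname, watchlist, max_distance=2):
    """Return a list of findings for a hostname against a constructed brand watch list."""
    if hostname in watchlist:
        return []  # the genuine domain itself
    findings = []
    if is_mixed_script(hostname):
        findings.append("mixed-script")
    skel = skeleton(hostname)
    for brand in watchlist:
        if skel == brand:
            findings.append("confusable:" + brand)
        elif edit_distance(skel, brand) <= max_distance:
            findings.append("lookalike:" + brand)
    return findings


if __name__ == "__main__":
    # Constructed sample: the genuine name, a typosquat, and a Cyrillic-a homograph.
    watch = ["amazon.com"]
    for name in ["amazon.com", "anazom.com", "\u0430mazon.com"]:
        print(to_punycode(name), assess(name, watch))
```

The skeleton comparison catches the case where the rendered name is pixel-for-pixel identical to the brand, while the edit-distance check covers plain misspellings; the punycode rendering is what a user would see if their browser had raw punycode display enabled, which is the protection the message above notes most users do not have.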
