[Web4lib] why are Certification Authorities necessary

Matthew J. Dovey matthew.dovey at oucs.ox.ac.uk
Thu Dec 8 05:39:29 EST 2005


> The public key is obtained from a Certification 
> Authority rather than from the online store's server. 

This isn't quite accurate - the "key" (sic) here is not where you get
the public key from, but that the public key has been signed by the
Certification Authority (CA).

> If I'm sure that the public key has come from the server www.amazon.com

Which is the nub of the matter - how do you *know* that the public key
has come from the server www.amazon.com?

In a man-in-the-middle attack, any unencrypted message between you and
the server (amazon in this case) can be intercepted. When you ask for
the public key from amazon.com (which must be an unencrypted request,
since you need the public key before you can do any encrypted traffic),
the man-in-the-middle can intercept that and send you a false public key
instead of the amazon one.

The real www.amazon.com certificate will have been signed by the CA
(essentially - and simplifying a little - the certificate is supplied in
unencrypted form with a copy which has been encrypted with the CA private
key; if the CA public key can decrypt that copy and it matches the
unencrypted copy, only the CA private key could have encrypted the
encrypted copy), and the www.amazon.com certificate will only be
authorised for use in talking to a server with the ip address of
www.amazon.com. Part of the CA's remit is to ensure that a certificate
for www.foo.com is only provided to someone who can demonstrate they own
www.foo.com.

The browser will be preconfigured with the public keys of trusted CAs
(as if the browser had to request the public key of a CA a
man-in-the-middle could intercept this and substitute a false public key
here too). You can add additional CAs to a browser's configuration so in
theory someone could try to trick you into adding a false CA public key
into your web browser configuration.

Another role of the CA is certificate revocation lists. A certificate
typically has a finite lifespan and this is included in the certificate
(as a sort of use by date). However, sometimes it is necessary to
invalidate a certificate before its natural expiry (e.g. if your private
key is stolen). The CA stores a list of registered invalid certificates
which a browser can check certificates against.

Matthew
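
Added example, not part of the original message: a toy Python model of the checks described above (CA signature over the host-to-key binding, a preconfigured trust store, expiry, and a revocation list). It uses textbook RSA without padding and trivially factorable keys built from Mersenne primes purely to show the trust logic; the CA names, function names and all key and date values are constructed assumptions.

```python
import hashlib
from datetime import date

E = 65537  # public exponent shared by every toy key

def make_key(a, b):
    """Toy RSA key from Mersenne primes 2**a-1 and 2**b-1 (constructed, insecure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(host, pub_n, not_after):
    """SHA-256 over the fields the CA vouches for, as an integer."""
    tbs = f"{host}|{pub_n}|{not_after.isoformat()}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big")

def issue(ca, ca_name, serial, host, pub_n, not_after):
    """The CA 'encrypts' the digest with its private exponent (the signature)."""
    sig = pow(digest(host, pub_n, not_after), ca["d"], ca["n"])
    return {"issuer": ca_name, "serial": serial, "host": host,
            "pub_n": pub_n, "not_after": not_after, "sig": sig}

def check(cert, host, trust_store, revoked, today):
    """Browser-side decision: 'ok' or the reason the certificate is rejected."""
    ca_pub = trust_store.get(cert["issuer"])
    if ca_pub is None:
        return "untrusted issuer"
    recovered = pow(cert["sig"], ca_pub["e"], ca_pub["n"])  # 'decrypt' with CA public key
    if recovered != digest(cert["host"], cert["pub_n"], cert["not_after"]):
        return "bad signature"
    if cert["host"] != host:
        return "wrong host"
    if today > cert["not_after"]:
        return "expired"
    if (cert["issuer"], cert["serial"]) in revoked:
        return "revoked"
    return "ok"

# Constructed scenario: one trusted CA, one CA the browser has never heard of.
ca, rogue = make_key(521, 607), make_key(521, 1279)
site, attacker = make_key(89, 107), make_key(107, 127)
store = {"Example CA": {"n": ca["n"], "e": E}}      # preconfigured in the browser
today, expiry = date(2005, 12, 8), date(2006, 12, 8)
genuine = issue(ca, "Example CA", 1, "www.amazon.com", site["n"], expiry)
swapped = dict(genuine, pub_n=attacker["n"])        # key replaced in transit
forged = issue(rogue, "Rogue CA", 7, "www.amazon.com", attacker["n"], expiry)
```

Calling `check` with `swapped` or `forged` against `store` shows why the substituted key is rejected, and adding the rogue CA's public key to the store shows why a false CA entry in the browser configuration defeats the whole scheme.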



