Extended validation SSL March 2007 Tim Moses (chair, CA / Browser Forum)

© Copyright Entrust, Inc Overview Browser security Site authentication The history of SSL Extended validation in the browser Extended validation certificates Not a silver bullet

© Copyright Entrust, Inc There’s a problem with the Web Gartner reports … From mid-2005 until mid-2006, about 15 million Americans were victims of fraud that stemmed from identity theft –an increase of more than 50 percent from the estimated 9.9 million in 2003 The average loss of funds in a case of identity theft was $3,257 in 2006 –up from $1,408 in 2005 An average of 61 percent of funds were recovered, in 2006 –Down from 87 percent in 2005

© Copyright Entrust, Inc New Phishing Sites Morgan Keegan/UBS Jul 2006

© Copyright Entrust, Inc Web vulnerabilities Malicious code HTTP proxy caching Cross-site scripting Man-in-the-middle Site impersonation ISP eavesdropping DNS caching Local area eavesdropping

© Copyright Entrust, Inc First-party accreditation Self-signed SSL certificate –Trust dialog –Help-desk calls Security toolbar

© Copyright Entrust, Inc Browser toolbars

© Copyright Entrust, Inc Third-party accreditation SSL certificates

© Copyright Entrust, Inc The early years (mid 90s) Threats to the Web –Site defacement –ISP eavesdropping Netscape developed SSL Simple trust indicators –Look for the golden key or padlock to check that you are safe Computer-literate users URL that reflects the name of the organization Common issuing practices –VeriSign Class 3 Although … –There were no strict criteria for the use and management of roots in browsers

© Copyright Entrust, Inc Mid-life (2000 – 2001) ABA 1 developed PKI Assessment Guidelines Audit profession recognized a need for criteria AICPA 2 & CICA 3 Audit criteria “WebTrust for CAs” Similar standard in Europe : ETSI 4 TS Adopted by Microsoft as a requirement for including roots in Windows –Other browser suppliers followed Microsoft’s lead But … –There were serious omissions –Do not specify what identifying information has to be included in a certificate –Or how to validate that that information is correct –Users supposed review CPS 1 American Bar Association 2 American Institute of Certified Public Accountants 3Canadian Institute of Chartered Accountants 4 European Telecommunication Standards Institute

© Copyright Entrust, Inc The SSL certificate marketplace Rigour (= cost, delay, inconvenience) Price GoDaddy GeoTrust VeriSign Entrust Other CAs: Comodo, CyberTrust, DigiCert, Ipsca, Notaris, QuoVadis, Trustis, XRamp All certificates cause the lock to display Domain-validate certificates Organizationally-validated certificates

© Copyright Entrust, Inc Trust indicators Yellow address bar Golden padlock

© Copyright Entrust, Inc Evidence of a problem Domain-validated SSL certificates have been issued to phishing sites User confusion –Does the golden padlock mean I’m secure? –Does SSL provide authentication or just confidentiality?

© Copyright Entrust, Inc CA / Browser Forum (2005) Major CAs and browser suppliers got together Formed the CA / Browser Forum Objective – Improve trustworthiness of the Web Project to develop certificate issuance guidelines for new browser trust indicators Microsoft has adopted an interim draft of the CABForum guidelines as the criteria for inclusion in their root embedding program

© Copyright Entrust, Inc IE7 Phishing filter and EV SSL Phishing, Suspected phishing, HTTP, HTTPS, EV

© Copyright Entrust, Inc IE7 UI details Green address bar Golden padlock Assumed name, registered name and country alternating with the issuer’s name

© Copyright Entrust, Inc Opera 9

© Copyright Entrust, Inc The SSL Marketplace - after EV (two points of view) Very high thresholdModerate threshold Conventional SSL EV SSL

© Copyright Entrust, Inc EV certificate Identified by … –Particular certificate policy identifier Verified contents … –Registered name e.g. ACE Aviation Holdings Inc –Assumed name e.g. Air Canada –Domain name e.g. –Place of business address –Jurisdiction of incorporation –Registration number Note: The CA must also retain verified name and contact details for the applicant

© Copyright Entrust, Inc Verification requirements Legal existence –Government registry Operational existence –Trade accounts –Bank letter –Legal opinion –Accountant’s letter Physical existence –Trade accounts –Site visits Domain name –WHOIS –Practical demonstration

© Copyright Entrust, Inc Other requirements Revocation –Browsers will check for revocation by default, using OCSP, once “stapling” becomes widely available Identification and authentication of requestor/approver Verification of authority of requestor/approver Warranty by CA to subscribers, users and browser suppliers Errors and omissions insurance

© Copyright Entrust, Inc It’s no good if users don’t check! EV sites place this graphic on their publicity material, including the Web site The message isn’t ‘if you see green you are safe’ It just reminds the user to check the site identity in the location bar

© Copyright Entrust, Inc It’s not foolproof – picture-in-picture

© Copyright Entrust, Inc Conclusion Browser security has significant shortcomings EV SSL represents a dramatic improvement It isn’t foolproof User awareness remains a critical issue Initial marketplace reaction appears positive For more information:-