Folks here will probably be interested in this paper recently presented at HotPETS: Using BGP to Acquire Bogus TLS Certificates . Essentially, BGP hijacking can be used to fool most domain validation processes, allowing an attacker to issue a certificate for a domain they don’t control, using nearly …

That attack was also mentioned in https://groups.google.com/d/msg/mozilla.dev.security.policy/ydxiw3S3gSw/qVCWNlzYBgAJ from the “Regarding CA requirements as to technical infrastructure utilized in automated domain validations, etc. (if any)” thread on the mozilla.dev.security.policy list.

[image] jsha: Unfortunately this approach doesn't scale to the whole Internet, so we're interested in finding ways to increase the robustness of Domain Validation in general. One thing that I think could help a lot would be involving the domain registrars in the process. They are regarded as …

[image] schoen: One thing that I think could help a lot would be involving the domain registrars in the process Presumably the DNS challenge using records hosted with a registrar supporting DNSSEC (and CAA records) is immune to BGP IP hijacking and DNS poisoning attacks?

Yes, but there are two problems: First, the attacker gets to choose what challenges to use*. Second, many of the domains we would most like to protect don’t implement DNSSEC. *There is work underway at the ACME WG to extend CAA to express limits on validation methods, but it’s not ready yet.

Full disclosure: I’m the guy who started the “Regarding CA requirements as to technical infrastructure utilized in automated domain validations, etc. (if any)” thread on moz.dev.security.policy. I am not related to the paper or presentation that jsha referenced, though I have started a dialogue wit…

Hi Matt, I am Henry Birge-Lee, the lead author of the paper, and me and Matt have been exchanging emails. I would like to briefly address the status of the route age heuristic. It is not currently ready for implementation, and the HotPETS paper gives a very cursory overview of the heuristic omitti…

Hi, Henry! I’m excited about the hop-age heuristic and think it has real promise. I’m looking forward to examining the scenario as you described in the email. I think I may also be able to propose some useful refinements. If so, I hope you’ll run them against your test data set and see what diff…

Hi Matt, I look forward to future work. Ideally we will run against our test data and compare the trade-offs of each one. Feel free to send us some ideas about algorithms and we can take a look at them. I also wanted to mention ways we intend to quantify security improvements. There are three metr…

[image] jsha: They were kind enough to show us an early draft of their paper, which kicked us into higher gear on implementing the multi-viewpoint validation feature we had been intending to write for a long time. There's some code landed in Boulder, and we're working on the operation deployment…

Belatedly, I would like to offer another word of caution about the wisdom of heuristic approaches in this domain. It will nearly always be essential to compare false positive rates to true positives and not consider them absolutely. This is the downfall to many otherwise interesting looking ideas f…

Using BGP to Acquire Bogus TLS Certificates

Issuance Tech

cpu August 25, 2017, 6:03pm 10

As an update, we just announced the deployment of this feature to the staging environment.

Topic		Replies	Views
Attack on domain verification with BGP hijacking Issuance Tech	12	9227	August 19, 2017
Is it safe to use HTTP in domain validation? Client dev	23	4899	December 15, 2016
Extended checks if domain already has a EV certificate Issuance Policy	17	5452	May 20, 2017
Specify source country for http-01 challenge Feature Requests	14	3396	May 16, 2024
Alternative for allowing letsencrypt file auth connections for a geo-restricted server Feature Requests	41	452	December 17, 2024

Using BGP to Acquire Bogus TLS Certificates

Related topics