> To protect our users, Firefox, together with Chrome, will block the use of the Kazakhstan root CA certificate. This means that it will not be trusted by Firefox even if the user has installed it.
I don't like this (to be honest, I don't like the whole "certificate authority" thing to begin with).
I don't think my browser should meddle in my relationship with the state.
Why don't they also block every CA residing in the US? The US government coerces companies into giving away private data. How do we known that they don't share their private keys with the US government? Will Mozilla & Google take the blame when this happens? because they've declared themselves the guardians of certificate trust.
What if I legitimately need to install this certificate?
CAs use their private keys to sign website operators' public keys. They don't know the website operators' private keys. Therefore, the only way a rogue CA could intercept traffic is by issuing fake certificates with keys controlled by the attacker, which is what CT aims to detect.
Of course, CT doesn't prevent website operators from sharing their private keys with third parties, but the discussion here is about CAs, not website operators.
As I understand it, if you come across a certificate signed by a CA that claims to follow CT, but isn't in the CT logs, it's a fairly major red flag - at the very least, the certificate has been mis-issued. If the third party _does_ log it in certificate transparency, a site owner can check if any certificates have been issued that they did not ask for.
Question for those with a fuller understanding: How can a browser verify this without leaking knowledge about every SSL certificate (and thus a significant percentage of browsing history) they have seen?
When issuing the certificate, the CA submits a pre-certificate to the CT logs, and the final certificate includes a cryptographic proof that the certificate was included in the log. The browser can check that proof without needing to query a 3rd party.
Though not the US, the Dutch firm DigiNotar's root cert was blacklisted following blatant misuse.
Run by VASCO, the certificate was used to issue fraudulent certificates principally in Iran, though the company also issued certificates used by the Dutch government.
The CA was taken over by the Dutch government prior to being shut down entirely in bankruptcy proceedings. Over 10,000 client companies were affected.
VASCO was spun off to the Chicago, USA, based OneSpan.
Browser developers have specific expertise and interest in monitoring CAs, and have developed processes for identifying, resolving, or acting on misuse or abuse which individual systems operators cannot be expected to replicate.
> Mozilla doesn't think the state should meddle in your relationship with them, or the rest of the Internet.
I don't want to have a relationship with Mozilla. I use their browser to communicate with other people. The browser is merely a tool, and I would expect it to allow me to communicate with anyone I want (as long as it's technically feasible), not only people that Mozilla approves of.
What's your point? Mozilla and Google here are preventing the government bogus CA from being used to bypass encryption. You can talk to whoever you want, and in full safety (as opposed to doing so while being spied by a tyrannical government like Kazakhstan).
Installing a cert in the local root store means 'I fully trust the owner of this certificate'. It is an intentional feature of TLS to use this to be able to consensually MitM a TLS connection.
Yet here, western companies have decided that, regardless of whether the user wants to be Man in the Middle -ed by Kazakhstan, they simply cannot.
This is inherently a political and not a technical decision. What Kazakhstan is doing is not actually breaking TLS, but instead using a feature.
I guess the real problem is that it's not immediately obvious to non-technical users what the implications are of installing a government-issued MITM CA certificate.
That could potentially be fixed with better UI, but even then it's rather hard to communicate the danger when the user is under the influence of a social engineering attack from their own ISP. (E.g. "This certificate is needed to ensure your security. Just ignore that warning from your browser, it's not important.)
This is not a social engineering attack, or at least it need not be. It is simply made a requirement; block any connections to the outside that do not use the certificate. Then people have a choice of no HTTPS (which blocks many big sites) or HTTPS that is MitMed by the government.
Incidentally, the above is why the 'consensual MitM-ing through a root-Cert is a feature of TLS' does not hold op. It is not consensual, it is not even coerced, it is a hard requirement. You could then go into an argument about national sovereignty / complying with local laws, but that is a totally different argument.
If I want to talk to the tyrannical government using their CA, I can't do it using Chrome or Firefox.
Look, I'm as pro-freedom as they come and I'm against coercing people to install certificates, but I also think good tools don't leverage their popularity to push their political opinions, even if I agree with those opinions. Good tools allow their user to do whatever is technically possible, even if the tool maker doesn't like that use-case.
The political and personal relationships of the user fall outside the realm of concern of the tool.
> credible reports that internet service providers in Kazakhstan have required people in the country to download and install a government-issued certificate on all devices and in every browser in order to access the internet
Maybe for some it was a choice. Anyway, it's not the web browser's business.
If my anyone is coercing me to do something, it's a problem between that person and me. I don't want Mozilla lecturing me on politics, I just want to use the browser.
This is lies. They did not require people to install anything. They MITMed only mobile internet. They MITMed only one city. On this city only few domains were MITMed. Only a fraction of connections to those domains were MITMed.
So in practice I think that most people did not even notice anything. And those who noticed could just press F5 few times. Or use VPN as many people do anyway.
I don't think my browser should meddle in my relationship with the state.
Neither do I, but in practice the browsers already do meddle in your relationship with the state: they decided to include that certificate in the first place!
> To protect our users, Firefox, together with Chrome, will block the use of the Kazakhstan root CA certificate. This means that it will not be trusted by Firefox even if the user has installed it.
I don't like this (to be honest, I don't like the whole "certificate authority" thing to begin with).
I don't think my browser should meddle in my relationship with the state.
Why don't they also block every CA residing in the US? The US government coerces companies into giving away private data. How do we known that they don't share their private keys with the US government? Will Mozilla & Google take the blame when this happens? because they've declared themselves the guardians of certificate trust.
What if I legitimately need to install this certificate?