One of the advantages of the SSL industry is that a certificate for any domain can be issued by any of the many publicly trusted certification authorities (CAs). This gives certificate customers the flexibility to choose their CA, or to use several CAs. The disadvantage is that the end user has no way of knowing whether the CA was actually authorized by the domain owner to issue the certificate, so there is a chance that the certificate is fraudulent.
Security experts have put forward proposals to let domain owners authorize which CAs may issue for their domains (Certification Authority Authorization, CAA), to let a Web server state which public key should be trusted (Public Key Pinning), and to let website owners monitor the certificates that have been issued for their domains (Certificate Transparency).
Microsoft is proposing its own solution to improve the trustworthiness of certificates: Certificate Reputation. In Internet Explorer (IE) 11, Microsoft will extend the telemetry collected by the SmartScreen Filter to include the SSL certificates presented by websites, and will build tools that use that telemetry to develop intelligence about the certificates issued by every trusted root CA.
The goal is to flag potential man-in-the-middle (MITM) attacks that use publicly trusted certificates. Examples of the conditions that would raise a flag are:
- A website presenting a certificate issued from a subordinate CA
- A website presenting a different certificate only to clients in certain regions
- A significant change in the fields of the certificates that a CA issues, such as the OCSP responder location
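As an added illustration of how flags like these could be computed (this is example code written for this post, not Microsoft's implementation, whose telemetry schema and thresholds were not published), the following Python script runs three simple heuristics, one per bullet above, over constructed telemetry records. The record fields, the host names, the CA names and the min_history threshold are all assumptions.

```python
"""Toy certificate-reputation checker (added example, not Microsoft's code).

Assumptions: each telemetry record is one TLS handshake observed by a
browser, carrying the host name, the client's coarse region, the issuing
(subordinate) CA name, a hash of the leaf public key and the OCSP
responder URL from the certificate. The field names and the min_history
threshold are hypothetical; the real IE telemetry schema is not public.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    host: str
    region: str
    issuer: str        # subject name of the subordinate CA that issued the leaf
    spki_sha256: str   # hash of the leaf's SubjectPublicKeyInfo
    ocsp_url: str      # OCSP responder taken from the AIA extension


def _majority(values):
    """Return the most common value in an iterable and how often it occurs."""
    value, count = Counter(values).most_common(1)[0]
    return value, count


def flag_anomalies(observations, min_history=3):
    """Apply three heuristics and return sorted (host, flag, detail) tuples.

    1. unexpected_subordinate_ca: a host is seen with a certificate from a
       subordinate CA other than the one it normally uses.
    2. region_specific_certificate: every observation from one region shows
       a different public key than the host's majority key.
    3. ocsp_responder_changed: a certificate from a CA names an OCSP
       responder different from that CA's usual responder.
    """
    flags = set()

    by_host = defaultdict(list)
    for o in observations:
        by_host[o.host].append(o)

    for host, obs in by_host.items():
        if len(obs) < min_history:
            continue  # too little history to call anything anomalous
        majority_issuer, _ = _majority(o.issuer for o in obs)
        majority_key, _ = _majority(o.spki_sha256 for o in obs)

        for o in obs:
            if o.issuer != majority_issuer:
                flags.add((host, "unexpected_subordinate_ca", o.issuer))

        by_region = defaultdict(list)
        for o in obs:
            by_region[o.region].append(o)
        if len(by_region) > 1:
            for region, region_obs in by_region.items():
                if all(o.spki_sha256 != majority_key for o in region_obs):
                    flags.add((host, "region_specific_certificate", region))

    # The OCSP heuristic is about the CA, not the site, so group by issuer.
    by_issuer = defaultdict(list)
    for o in observations:
        by_issuer[o.issuer].append(o)
    for issuer, obs in by_issuer.items():
        if len(obs) < min_history:
            continue
        majority_ocsp, _ = _majority(o.ocsp_url for o in obs)
        for o in obs:
            if o.ocsp_url != majority_ocsp:
                flags.add((o.host, "ocsp_responder_changed", o.ocsp_url))

    return sorted(flags)


# Constructed sample telemetry: bank.example is normally issued by
# "Example Issuing CA 1" with key k1, but clients in region "xx" see a
# different key from a different subordinate CA (the MITM pattern), and
# one shop.example certificate points at an unfamiliar OCSP responder.
OCSP = "http://ocsp.example-ca.test"
SAMPLE = [
    Observation("bank.example", "us", "Example Issuing CA 1", "k1", OCSP),
    Observation("bank.example", "us", "Example Issuing CA 1", "k1", OCSP),
    Observation("bank.example", "de", "Example Issuing CA 1", "k1", OCSP),
    Observation("bank.example", "jp", "Example Issuing CA 1", "k1", OCSP),
    Observation("bank.example", "xx", "Other Issuing CA", "k9", "http://ocsp.other-ca.test"),
    Observation("bank.example", "xx", "Other Issuing CA", "k9", "http://ocsp.other-ca.test"),
    Observation("mail.example", "us", "Example Issuing CA 1", "k2", OCSP),
    Observation("mail.example", "de", "Example Issuing CA 1", "k2", OCSP),
    Observation("mail.example", "jp", "Example Issuing CA 1", "k2", OCSP),
    Observation("shop.example", "us", "Example Issuing CA 1", "k3", "http://ocsp2.example-ca.test"),
]


if __name__ == "__main__":
    for host, flag, detail in flag_anomalies(SAMPLE):
        print(f"{host}: {flag} ({detail})")
```

Running the script prints one line per flag: the two bank.example flags for the region "xx" traffic and the OCSP flag for shop.example. It also shows the sensitivity limit that the post comes back to: the regional check only fires when every observation from a region disagrees with the majority key, so a short-lived attack against a single user in a region with plenty of legitimate traffic would not trip it.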
Certificate Reputation has the following advantages:
- Privacy – When a certificate subscriber purchases a certificate for an internal domain name, that name will not be made public. Data will also be sent encrypted, and no personally identifiable information is retained.
- Certificate Monitor – Domain owners could be notified by email when new certificates are issued with their domain names.
- Scalable – The solution will scale without requiring cooperation from third parties such as website operators.
- Deployment – Certificate Reputation should be easy to deploy, as it will only require effort from Microsoft. The solution will not rely on changes being made by third parties such as CAs, subscribers, Web server developers or OCSP responder developers.
Security experts also say there are some disadvantages:
- No Public Log – Microsoft will own the database and it will not be made publicly available, nor available for audit.
- Sensitivity – Attacks that are highly targeted will be difficult to detect.
- All Certificates Not Covered – The solution will rely on the telemetry gathered through use of IE 11 (and later). This means it covers only certificates seen by the browser, not certificates used by other applications. There is also the opt-out issue: an organization might choose not to send data back to Microsoft, in which case the solution is degraded for the sites its users visit.
There is also the issue of Certificate Transparency (CT) versus Certificate Reputation. Google supports CT and is looking to require CAs to support CT for EV SSL certificates in 2015. Given the Certificate Reputation proposal, it would appear that Microsoft does not back the CT proposal, which could be a disadvantage for CAs that use Windows PKI software that might not support CT.
Updated March 12, 2014: Brad Hill provided his comments on Certificate Reputation, some of which were used in the post above.
Updated April 22, 2014: Microsoft provided a follow-on post on Certificate Reputation.