Certificate Transparency – Protection from Google
20 Apr 2015 | Jindřich Zechmeister
Certificate Transparency (hereafter CT) is a feature intended to increase the trustworthiness of certificates. Today we are going to take a closer look at CT, especially its practical side and its behaviour in the Google Chrome browser.
What is Certificate Transparency and Why Was it Created?
In essence, Certificate Transparency can be defined as the logging of issued certificates, operated by Google, which not only records them but also monitors and audits them. CT works only in Chrome; other browsers don't support it.
The new CT feature was created to increase protection against fraudulent certificates, i.e. against MITM (man-in-the-middle) attacks. As a result, the user should be better protected against attempts to use fraudulent certificates (although such a risk is in fact minimal).
For now, Certificate Transparency applies only to EV certificates (extended validation), but Google's aim is to extend it to other certificate types.
What is important is that from February 2015 Chrome won't display the green address bar for EV certificates issued after 1 January 2015 unless the certificate is in a CT log! Existing EV certificates from Symantec, GeoTrust and Thawte were added to the log in December 2014 and new ones will be added automatically, so our customers won't have to worry.
Chrome Checks Public Records from Certificate
Google Chrome has started displaying strange and hard-to-understand messages about public audit records. Below is an overview of the four possible variants.
Each message begins "The identity of this website (organization XY) has been verified by [name of your CA]" and then continues in one of four ways:
- "...and is publicly auditable." Everything is OK and CT is working (the certificate carries a valid timestamp).
The remaining three variants report that there are no public records for the organization, most likely because a CT record is missing:
- "...but does not have public audit records." CT isn't working (there is no valid timestamp in the certificate).
- "...claims it has public audit records but they cannot be verified." The timestamp has been signed, but it isn't from a known log and so can't be verified.
- "...but public audit records have failed verification." The timestamp refers to a known log, but it can't be verified.
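The four messages correspond to what Chrome finds, or fails to find, in the certificate's list of signed certificate timestamps (SCTs). The following Python is an added example, not code from the original post or from Google: it decodes the TLS-encoded SignedCertificateTimestampList from RFC 6962 that a CA embeds in a certificate, rebuilds the bytes the log signed, and sorts the outcome into the four messages above. The leaf certificate bytes, the log key, the 1 January 2015 timestamp and the HMAC stand-in for the log's ECDSA signature are constructed for the demo; a real client checks the signature with the log's published public key.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Added example (not the post's or Google's code): decode an RFC 6962 SCT list.

@dataclass
class SCT:
    version: int        # 0 = v1, the only version defined
    log_id: bytes       # SHA-256 of the log's public key, 32 bytes
    timestamp_ms: int   # milliseconds since the Unix epoch
    extensions: bytes
    hash_alg: int       # TLS HashAlgorithm, 4 = sha256
    sig_alg: int        # TLS SignatureAlgorithm, 3 = ecdsa
    signature: bytes

def _u16(data, pos):  # big-endian uint16 at pos -> (value, new_pos)
    return struct.unpack_from(">H", data, pos)[0], pos + 2

def parse_sct(raw):
    """Decode one serialized SCT (RFC 6962 section 3.2)."""
    if raw[0] != 0:
        raise ValueError("only SCT version 1 (byte value 0) is understood")
    timestamp_ms = struct.unpack_from(">Q", raw, 33)[0]
    ext_len, pos = _u16(raw, 41)
    extensions, pos = raw[pos:pos + ext_len], pos + ext_len
    hash_alg, sig_alg = raw[pos], raw[pos + 1]
    sig_len, pos = _u16(raw, pos + 2)
    if pos + sig_len != len(raw):
        raise ValueError("SCT length does not match its signature length")
    return SCT(0, raw[1:33], timestamp_ms, extensions, hash_alg, sig_alg, raw[pos:])

def parse_sct_list(data):
    # The extension value: a uint16-length list of uint16-length SCTs.
    total, pos = _u16(data, 0)
    if pos + total != len(data):
        raise ValueError("SCT list length does not match the data")
    scts = []
    while pos < len(data):
        ln, pos = _u16(data, pos)
        scts.append(parse_sct(data[pos:pos + ln]))
        pos += ln
    return scts

def encode_sct(sct):
    return (bytes([sct.version]) + sct.log_id + struct.pack(">Q", sct.timestamp_ms)
            + struct.pack(">H", len(sct.extensions)) + sct.extensions + bytes([sct.hash_alg, sct.sig_alg])
            + struct.pack(">H", len(sct.signature)) + sct.signature)

def encode_sct_list(scts):
    body = b"".join(struct.pack(">H", len(e)) + e for e in map(encode_sct, scts))
    return struct.pack(">H", len(body)) + body

def sct_signed_data(sct, leaf_cert_der):
    """The bytes a log signs for an x509_entry (RFC 6962 section 3.2)."""
    return (bytes([sct.version, 0])                  # version, certificate_timestamp
            + struct.pack(">Q", sct.timestamp_ms)
            + struct.pack(">H", 0)                   # entry_type = x509_entry
            + len(leaf_cert_der).to_bytes(3, "big") + leaf_cert_der
            + struct.pack(">H", len(sct.extensions)) + sct.extensions)

def chrome_status(scts, verifiers):
    # verifiers maps each trusted log id to a callable(sct) -> bool.
    if not scts:
        return "does not have public audit records"
    known = [s for s in scts if s.log_id in verifiers]
    if not known:
        return "claims it has public audit records but they cannot be verified"
    if any(verifiers[s.log_id](s) for s in known):
        return "is publicly auditable"
    return "public audit records have failed verification"

# Constructed demo data: a real log signs with ECDSA P-256; an HMAC stands in here so this runs offline.
LEAF_DER = b"constructed-leaf-certificate-bytes"
TOY_LOG_KEY = b"constructed-log-key"
TOY_LOG_ID = hashlib.sha256(TOY_LOG_KEY).digest()

def toy_sign(signed_data):
    return hmac.new(TOY_LOG_KEY, signed_data, hashlib.sha256).digest()

KNOWN_LOGS = {TOY_LOG_ID: lambda s: hmac.compare_digest(toy_sign(sct_signed_data(s, LEAF_DER)), s.signature)}

def make_sct(log_id, timestamp_ms=1420070400000, tamper=False):  # timestamp = 2015-01-01T00:00:00Z
    sct = SCT(0, log_id, timestamp_ms, b"", 4, 3, b"")
    sct.signature = bytes(32) if tamper else toy_sign(sct_signed_data(sct, LEAF_DER))
    return sct

def demo():
    cases = {"good": [make_sct(TOY_LOG_ID)],
             "unknown_log": [make_sct(b"\x11" * 32)],
             "bad_signature": [make_sct(TOY_LOG_ID, tamper=True)]}
    out = {k: chrome_status(parse_sct_list(encode_sct_list(v)), KNOWN_LOGS)
           for k, v in cases.items()}
    out["no_sct"] = chrome_status([], KNOWN_LOGS)  # certificate without the extension
    return out
```

Running `demo()` returns one Chrome message per case. The classification order matters: an SCT from a log the client does not know is reported as unverifiable before any signature is checked, which is why a certificate logged only to an unlisted log lands in the third message rather than the fourth.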
It didn't cross my mind at first that this message is related to Certificate Transparency, but it is. Complaints about public audit records are therefore a CT matter. I am surprised, however, that the message doesn't contain any further explanation. The reference to CT appears only in the positively verified variant; the error messages say nothing about what went wrong.
What to Do from a Web Operator's Point of View?
It is crucial to choose a reliable certificate authority which takes care of publishing the EV certificates it issues to the CT log, for example Symantec, Thawte or GeoTrust. The rest then takes care of itself and the result is positive.
The advantage for website owners is the ability to monitor and review the certificates issued for their domains. You will find out whether a certificate authority has issued a certificate for your domain. If it happens without your knowledge, you can prevent its abuse in time.
What Happens if Certificate Transparency Doesn't Work?
In the event of a CT malfunction, Chrome shouldn't display the green EV bar for the certificate. However, it is hard to predict how Google will present the warning in Chrome. I think it's more likely that the browser will display a warning about untrustworthiness. Today CT probably also affects how the HTTPS indicator is displayed for lower certificate types. In this way Google has been creating chaos in Chrome and in its warnings.
Not Everything by Google is Perfect
Certificate Transparency has been created with the good intention of strengthening users' protection against fraudulent certificates. There are several flaws, though, which I have to mention.
The first flaw is that it is supported only in Chrome; so far no other browser has started using CT. The second is Google itself, which is very aggressive where security is concerned and rushes to deploy new features into Chrome (just remember SHA-1). Chrome is now in a state where it often shows nonsensical warnings for certificates, and even different ones on different platforms (you can now see warnings on Linux which you wouldn't see on Windows; this might be caused by the different pace of the programmers' work on the Linux version of Chrome).
The CT principle itself isn't perfect, but I don't want to analyze all my reservations here and will instead direct the reader to the first source at the end of this article. That article's author's main criticism is that CT does not so much prevent a MITM attack as help to discover it afterwards.
The operator of the main log, Google, is acting as if CT didn't concern it. It leaves the checks up to the public: domain owners are supposed to check the logs themselves (!) and search for whether fraudulent certificates have been issued for their domains (!). Logs can also be checked by log "monitors", but it isn't clear what they are supposed to do if they suspect something. Nor is it clear what they should do when they find a positive hit in the log (the result will eventually be that each of them reports something different).
CT in its current form doesn't address the situation in which fraudulent certificates come directly from the certificate authority (CA), which happens when the CA is hacked (luckily rare) or when the CA collaborates with secret services. Of course, on issuing such a certificate, the authority would probably publish its entry in CT anyway.
Another problem is the fact that CT works automatically and there is no opt-out, i.e. no way to keep one's issued certificates out of the log. The certificate owner can't influence anything, and if he doesn't like CT, he doesn't have a choice.
More information:
- The Trouble with Certificate Transparency – criticism of CT's flaws; Certificate Transparency and reservations about it.
- Certificate Transparency – Google's official website about Certificate Transparency.
- A Comparison of HTTPS Reforms – reflections on "improving" the SSL/TLS protocol and a comparison of these new features.

Jindřich Zechmeister
TLS certificate specialist
Certificated Sales Expert Plus
e-mail: jindrich.zechmeister(at)zoner.com