White paper How to choose a Certificate Authority for safer web security How to choose a Certificate Authority for safer web security Executive summary Trust is the cornerstone of the web. Without it, no website or online service can succeed in the competitive online marketplace. Systems are in place that help domain owners demonstrate to their users that they are trustworthy, and that their website or service does what it should. However, these systems have come under increasing attack. 2011 has seen a spate of breaches that have targeted the systems of Certificate Authorities (CAs), the companies that prove websites and services are secure and safe to use. Some of these attacks have undermined the trusting relationship between users and even well-known online brands. The changing security landscape has demonstrated that not all CAs are created equal, and choosing the right CA is critical to running and maintaining a safe and trusted online business. This white paper looks at the role of CAs in web security, including what measures a CA can take to promote trust in its certificates and the criteria to consider when choosing the best CA for the job. 2 How to choose a Certificate Authority for safer web security The role of certificate authorities Why do sites need to be trusted? As use of the internet has become increasingly commonplace and crucial to a wide range of applications, criminals have found themselves with an ever-growing group of people they can target. Criminals are exploiting internet users in many ways, including: • Using social engineering, bogus links and other means to direct people to sites that resemble those they frequently use. • Fooling people into consciously or unconsciously giving up confidential details that can then be used for fraudulent purposes. • Putting malware onto a user’s computer that quietly turns the machine into a tool for further crime. • Spoofing a domain, which may allow a criminal to impersonate someone sending email from that domain or spying on their conversations. This is not just a consumer problem – businesses’ internal email systems can be compromised in this way too, opening them up to industrial espionage. Apart from hurting users, this activity is detrimental to the brand of the real site being spoofed. Trust is harmed when the user no longer feels safe. How do people using the internet know when to trust a site? Fortunately, people are becoming increasingly savvy about the need to trust the sites they are visiting. They may not know the explicit details of the threats they face when dealing with malicious or compromised websites, but they are aware that there are ways to establish trustworthiness, including: • Padlock icon: The most common sign that a site is more trustworthy than others coincides with the use of “https” rather than “http” as the prefix to the page’s web address. • Green address bar: More recently, users will have become aware that the highlighting of part of the address bar denotes even greater security. Behind the scenes, the “https” is an indicator that the The green address bar shows the name of the business verified to use this website address and means that this web page is secure. page is being viewed using a secure connection to the site owner’s servers. HTTP Secure (HTTPS) combines the standard HTTP protocol with the Secure Sockets Layer (SSL) protocol, and its use shows that the site’s servers have been authenticated using an SSL certificate. The colouring of the first piece of the address bar shows that the site’s owner has gone a step further and offered themselves up for extensive vetting and authentication procedures, to prove the site is what it says it is. By doing so, they will have gained an Extended Validation (EV) SSL certificate that the browser can recognise, leading to the special 3 How to choose a Certificate Authority for safer web security colouring and the display of more information than usual about the site’s operators. What is a CA and how do certificates work? The Certificate Authority (CA) is the organisation that issues SSL and EV SSL certificates. The user can always tell which CA issued a certificate by clicking on the padlock next to the site’s URL. SSL certificates are based on private and public keys that are used to establish a secure connection between the user’s computer and the site’s servers. They effectively prove that the signed public key associated with a site really does belong to the site’s owner. The CA signs the public key using its own private key, making the reliability of the CA (as a protector of that private key) essential to the reliability of the public keys they validate. When someone visits a site with an SSL certificate, the user’s browser and the site’s server need to ‘shake hands’ to kick off the session. The browser begins by requesting a certificate. Once it receives and verifies this, it generates a piece of code called a master key, and encrypts it using the public key associated with the certificate. It then sends the encrypted master key back to the site’s server. As that server has the private key underlying the public key, it can decrypt the master key, which it then uses to authenticate a message that it sends back to the client. The ‘handshake’ is now complete, and the two parties begin a trusted session. The user can always tell which CA issued a certificate by clicking on the padlock next to the site’s URL. There are different types of SSL certificate that offer varying levels of security: • Entry-level “Domain Validated” SSL certificates. The CA sends an email to an address associated with the administrator of the site. The administrator uses a link or authentication token in the email to validate their domain, and the SSL certificate is issued. However, this leaves little guarantee that the applicant is a valid business entity. • Fully-authenticated SSL certificates. The next step up in validating the business entity will only be issued once the CA has verified the business’s validity and ownership, and that the applicant is authorised to request the certificate. • Extended Validation (EV) certificates. This is the most visibly trustworthy form of SSL certificate. It tells the user not only that the certificate was issued after heavy vetting, but also that the CA issuing the certificate has itself been independently audited. Extended Validation was introduced for a reason: in the real world, not all SSL certificates are equally trustworthy. There are no minimum standards for SSL certificates and there are many smaller CAs or registration authorities that resell root certificates from the larger CAs at relatively cheap prices. It is with some of these intermediaries that problems have begun to arise. 4 How to choose a Certificate Authority for safer web security How CAs have come under attack 2011 has seen an alarming series of CA breaches. No one has been able to compromise the systems of the most robust CAs, suggesting that you often get what you pay for with CAs. In several cases, the security of intermediaries’ infrastructure was not up to the task, leading to problems for their partners and, above all, for their customers. A CA’s top business priorities should be: • • The continual hardening of the infrastructure that protects the cryptographic keys Securing the authentication process that validates identity As we have seen this year, bogus certificates and insufficient CA security have been to blame for exposing SSL-encrypted traffic. In such cases, even genuine certificates from that issuer must be treated with suspicion, and this can cause an entire CA to shut down. There is no minimum standard within the current SSL certificate market. Although price certainly plays a significant role in the purchasing process, as the multiple CA breaches this year have reminded us, price should be but one of many factors in selecting a CA. When evaluating a CA, it’s worth considering the vendor’s history of trust and security. This year, several CAs had to suspend issuing certificates because their systems were actually breached, or they were unable to confirm or deny claims of a successful attack. Similarly, a CA’s certificates could be blacklisted by browser providers if the company does not offer strong enough encryption in its products. What measures can a CA take to promote trust in its certificates? Without rigorous and diligent upkeep of the security infrastructure surrounding Certificate Authorities, CAs put their customers and the web consumer community at-large at risk. As recent attacks have demonstrated, a CA must keep its cryptographic keys secure. Doing so is an increasingly difficult task, and the ability of a CA to maintain absolute security is the most critical factor when choosing where to source your SSL certificates. Customers should only use a CA that has a strong track record of trustworthiness and employs measures including: • • • • • • • Facilities that have been designed to withstand attacks Hardware monitoring and strong network security Biometrics-based security for the facilities, along with dual-access control for key systems Hardware-based systems for cryptographically signing certificates Ensuring dual control for the issuing of all certificates with the vendor’s name on them Employing best practices for authenticating domain ownership Regular independent audits 5 How to choose a Certificate Authority for safer web security What does the future hold? Criminals and state-sponsored hackers have figured out what website owners also need to realise: not all CAs are equal. Some CAs are more vulnerable than others, and it is becoming increasingly worthwhile for hackers to exploit that vulnerability. As cloud applications start to take over from traditional desktop programs, the mass of data that needs to be kept secure keeps growing and including new types of critical information. Your customer’s trust is paramount, but a bad choice of CA could see your business risk the exposure of not only your customers, but also your own internal data, from mail and documents to spreadsheets and unified communications. Recent attacks have also revealed that hackers use a variety of means, big and small, to try to penetrate CAs’ systems. CAs must keep evolving to ensure they are ahead of the game, for their own sake as well as that of their clients. The CA you choose has to have an infrastructure that is up to the task, along with the means to act both proactively and reactively to any threat. Their security has to be extensive and varied. They have to have their eye on every link in the chain. The stakes are too high to settle for less. More information Visit our website www.verisign.co.uk To speak with a product specialist Call 0800 032 2101 or +44 (0) 208 6000 740 About Symantec Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organisations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Symantec World Headquarters 350 Brook Drive, GreenPark Reading, Berkshire RG2 6UH, United Kingdom Copyright © 2011 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo and VeriSign Authentication are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 6