State of the Web
-
Upload
cascouncil -
Category
Technology
-
view
275 -
download
0
description
Transcript of State of the Web
![Page 1: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/1.jpg)
The State of the Web
Robin Alden, Rick Andrews,Bruce Morton, Jeremy Rowley, Wayne Thayer
![Page 2: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/2.jpg)
The ExpertsRick AndrewsSenior Technical Director, Symantec CASC Member Jeremy Rowley
General Counsel, DigiCert CASC Member
Bruce MortonDirector, Certificate Services, Entrust CASC Member Robin Alden
Chief Technology Officer, Comodo CASC Member
Wayne ThayerVice President & General Manager, Security Products, GoDaddyCASC Member
![Page 3: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/3.jpg)
Join the Conversation
#CASChangout bit.ly/16qyUTJ
![Page 4: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/4.jpg)
About the CA Security Council• Comprised of 7 leading global Certificate
Authorities• Committed to the exploration and promotion of
best practices that advance trusted SSL deployment and CA operations
• The CASC works collaboratively to improve understanding of critical policies and their potential impact on the internet infrastructure
• https://casecurity.org/
![Page 5: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/5.jpg)
Topics
• The move to 2048-bit certificates• The move to SHA2• TLS 1.2 • EV certificates• Revocation checking • Always on SSL• PFS• New gTLDs
![Page 6: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/6.jpg)
The Move to 2048-bit Certificates• As computing power increases, companies
must move to more secure keys• Minimum 2048-bit RSA or NIST Suite B ECC
keys is recommended• Deadline – CAs to stop issuing SSL certificates
with less than 2048-bit RSA as of January 1, 2014
![Page 7: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/7.jpg)
Who Recommends 2048?Who Reference
NIST Special Report SP 800-57 – Recommendation for Key Management
NIST Special Report SP 800-131A – Transition of Algorithms and Key Lengths
CA/Browser Forum Extended Validation (EV) Guidelines
CA/Browser Forum Baseline Requirements
Adobe AATL requirements and CDS certificate policy
Microsoft Microsoft Root Certificate Program – Technical Requirements
Mozilla Mozilla CA Certificate Policy – CA:MD5 and 1024
![Page 8: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/8.jpg)
SHA-2: What and Why
• SHA-2 is the next generation cryptographic hash suite that replaces SHA-1
• Can’t continue to rely on strength of SHA-1
Algorithm and Variant
Output Size
(bits)
Collisions found?
Performance (MiB/s)
MD5 128 Yes 335
SHA-0
160
Yes
SHA-1 Theoretical attack (260)
192
SHA-2
SHA- 256/224 256/224
No139
SHA-512/384
512/384 154
![Page 9: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/9.jpg)
The Move to SHA-2
Cost$0.00
$500,000.00
$1,000,000.00
$1,500,000.00
$2,000,000.00
$2,500,000.00
$3,000,000.00SHA-1 Collisions
2012 2015 2018 2021
Expect a rapid migration to SHA-2
NIST required many applications in federal agencies to move to SHA-2 in 2010Windows XP added SHA-2 in Service Pack 3
![Page 10: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/10.jpg)
Join the Conversation
#CASChangout bit.ly/16qyUTJ
![Page 11: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/11.jpg)
It’s Time for TLS 1.2
• Gain resistance to the BEAST attack• Adds more secure cipher suites• Server configuration enhances SSL security– Majors browsers now support TLS 1.2– You have to enable TLS 1.2
![Page 12: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/12.jpg)
EV Certificates
• Purpose– Identity through the green bar– Instant reputation
• Adoption– 20-30% growth in 2013 (Netcraft, OTA)– 3-9% adoption rate (Netcraft, SSL Labs)
• Future– Increasing scope– Evolving standard
![Page 13: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/13.jpg)
Revocation Checking
• CRL (Certificate Revocation List)• OCSP (Online Certificate Status Protocol)– OCSP Stapling
• Browser revocation checking
![Page 14: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/14.jpg)
Join the Conversation
#CASChangout bit.ly/16qyUTJ
![Page 15: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/15.jpg)
Always On SSL
• The 2 Big Myths of AOSSL– SSL is computationally expensive– The network latency of AOSSL will
present inevitable performance degradation
• What does AOSSL protect against?• How to make AOSSL work for you
![Page 16: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/16.jpg)
Perfect Forward Secrecy (PFS)• Stored SSL communications can be decrypted
by attacking the server private key• Attacking keys can be done by compromise,
subverted employees, government demand, …
• PFS uses temporary individual keys for each session
• PFS means that each temporary key would need to be attacked to decrypt all
![Page 17: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/17.jpg)
How to you do PFS?
• Server must support Diffie-Hellman key exchange
• Cipher suites DHE or ECDHE need to be supported:– TLS_ECDHE_RSA_WITH_RC4_128_SHA– TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA– TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA– TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
![Page 18: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/18.jpg)
New Generic Top-Level Domains (gTLD)
• 1930 new gTLDs• ~70 approved so far• Collisions and certificates– SSAC and CAB Forum– 80% released, 20% held for evaluation, 2 on hold
• Deprecation of internal server names– Fall 2015– Revoke certificates within 120 days of contract
![Page 19: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/19.jpg)
More Information
• Learn more about Encryption athttps://casecurity.org/2013/09/13/encryption-still-works-its-about-how-you-implement-it/
• Learn more about TLS 1.2https://casecurity.org/2013/09/19/its-time-for-tls-1-2/
• Learn more about EV Certificateshttps://casecurity.org/2013/08/07/what-are-the-different-types-of-ssl-certificates/
![Page 20: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/20.jpg)
Join the Conversation
#CASChangout bit.ly/16qyUTJ
![Page 21: State of the Web](https://reader035.fdocuments.us/reader035/viewer/2022062513/554f4451b4c905423f8b47a3/html5/thumbnails/21.jpg)
Contact Information
@CertCouncilcasecurity.orglinkedin.com/groups/Certificate-Authority-Security-Council-4852478/about