"Z" for zombies
Can the Kremlin be considered as a trusted source for certificates emission?
Yes, of course, I trust them to play the man in the middle and spy on all the communications.
Moscow has set up its own certificate authority to issue TLS certs to Russians affected by sanctions or otherwise punished for president Putin's invasion of Ukraine. A notice on the government's unified public service portal states that the certificates will be made available to Russian websites unable to renew or obtain …
why don't they use "Let's Encrypt" like all of the budget ISPs and individuals do...
(If "Let's Encrypt" is getting political then they defeat the purpose of their existence)
[And this issue is yet another example of harming the wrong people with the sanctions, which I would support 100% if they are actually effective in putting an end to Vlad the Putinator's worldwide conquest]
Sanctions are always a broad brush. At the moment disruption of everyday life is one of the most effective options in a country where the only legally available information is telling people that everything is fine. When this clearly isn't the case then some people might start trusting government media less.
Regarding encryption: most Russians have for years been using Telegram et al. to avoid interception and blocks by the state. Eventually Vlad gave up the attempts to cut it off. So the police are resorting to stop and "unlock your phone" tactics to find out what people think. Or maybe to find out themselves what's going on: the draconian clampdown of the media is the biggest indication that things are going as planned for Russia.
> why don't they use "Let's Encrypt" like all of the budget ISPs and individuals do...
Because this has nothing to do with Russian companies getting cut-off from other SSL authorities, and everything to do with Russia's growing ambitions to surveil their own people to easily find and arrest dissidents.
Thanks for correcting my laziness. My default position is that anything Google promotes is good for Google*. This might be overly cynical.
*As in good for Google's profits. Which depend on monetising my online existence**.
**I'd like to hope that, so far as I'm concerned, they are starving.
They don’t get the private key and certificate transparency is required for Chrome and Safari to trust certs - no exceptions. This also assumes they will get their certs added to trusted root CA lists on the browsers Russians use today.
Now let’s assume there is collusion between the independent log servers and the CA, there are multiple high-security solutions already in use to combat this. For example, static certificate pinning works on Android and iOS apps, rendering duplicate certs by the same CA worthless (just pin the leaf cert rather than the CA). In the future, we will be able to use DANE and DNSSEC to prevent covert spying; even if the CA is completely compromised, things will still be pinned safely.
They can spy via MitM. So now your browser trusts that KremlinTech has signed your webserver cert and is a trusted RootAuth. If they decided to MitM at KremlinISP the client will be presented with KremlinTech cert, which is trusted by the client.
Not totally invisible but much easier.
It also makes it much easier for the rst of us to put the cert in the bin where it belongs.
KremlinTech would only ever be able to misuse their privileges once and then they’d be blacklisted on all major operating systems and browsers overnight as CT would rat them out. Remember, this was designed as a proper, universal replacement for HPKP and it works in a far superior way (despite looking potentially less secure).
CT is mandated with independent lists which Google and Safari both dictate the choices for to the CAs. Additionally, every Enhanced Protection user of Google Chrome also contributes to detecting MitM attempts by contributing data about the sites they visit in real time while being shadowed by a Google bot when things don’t look quite right. Any attempt to MitM would be detected within hours and any attempt to sign without corresponding logs results in a full screen error message with a code of ERR_CERTIFICATE_TRANSPARENCY_REQUIRED.
Russia would pretty much have to make everyone use Firefox for this to be a viable approach to MitM.
if I want to submit information to the Russian Government I would hope their sites are secured with a Russian CA...
(for example if I was applying for a visa I would hope that the Americans could not see that)
to be honest each country needs to control their own IP address space rather than the corruption and legal dubiousness of IANA
(AFRINIC Africa Region
APNIC Asia/Pacific Region
ARIN Canada, USA, and some Caribbean Islands
LACNIC Latin America and some Caribbean Islands
RIPE NCC Europe, the Middle East, and Central Asia)
for example the law in Australia is very different than Pakistan (I'm not saying one is right or wrong just different) yet still comes under APNIC which is subject to laws in Singapore AFAIK
its time to give this Domain and IP space up to each country to manage ASAP otherwise they are going to do it anyway and its going to get messy real fast
the only reason I can see they didnt do it before is due to money and perceived altruism...
There's a difference between want and need.
The PKI trust model is hierarchical and the higher up the tree you go the more trust you assume and the more power you have. Having a small number of root certificates means there's a lot of political and economic power concentrated in a few hands. Getting to decide which root certificates you include in your browser distribution concentrates that power even further. That's a significant price to be paid for convenience.
Like Britain's unwritten constitution, it kind of works as long as everyone tries to be a good chap but becomes incredibly messy when they don't.
Have you looked at the number of trusted roots accepted by browsers these days? Anyway, like the other guy said, you could easily have tbe UN create one root for countries and countersign the 208 used by governments. Note that countersigning does not mean that the countries have to share their private keys with the UN, so there's really no problem with the OP's suggestion.
Not money and altruism, more like trying to manage a fast growing organism that was rapidly evolving. Mistakes were made.
In the beginning the Internet was built around a few letters, and IP addresses were allocated by UUCP. Namely emailing Jon Postel and asking him if you could score some Class A or Bs. No idea if those emails every raised eyebrows with narcotics LEOs, but I did score some sweet Class B's that way.
But there was also a realisation that this approach wouldn't scale, and the original pretty rigid hierarchy for Class A/B/C networks wouldn't scale. Addresses would quickly run out, and so would memory for routing tables. Those were the days when large corporations like Ford, Xerox, Nortel etc could score Class As the same way, and end up 'owning' a large chunk of the total potential 'net space.
So there were new rules for allocation and assignment, and the RIR's like RIPE, ARIN, APNIC etc created to handle them. Along with the introduction and implementation of new tech like CIDR (Classless Inter Domain Routing). Goodbye Class B & C, hello /16 & /24. Under classful networking, the subnet mask wasn't as relevant as the network was defined by the address(ish). So if the first 3 bit of an IP address were 000-011, it was a Class A, 100-101, Class B, 110, Class C.
So that was why class was originally linked to the first octet of your ID. And because a lot of addresses had been assigned and in use already, carving out space for the RIR's to manage was FUN! And also why ARIN ended up with lots of addresses, and later RIR's got less. Oh, and the swamp, which were legacy allocations from the class era.
But that also hampered stuff like geographical routing. Which was frustrating, especially as there was a long established functional model that had 'solved' these issues a century earlier, ie the telephone network. There, the first bits indicated if it was a national or international call, then country to send it to, or the area code if it was national.
The Internet missed a few chances to do the same. Some was historical, ie the 'net was already operational. So CIDR could have done some of this, but would have required a 'Great Renumbering' to drain the swamp and convert the Internet from classful to classless. Especially as customers who'd scored a Class A or B network might have to settle for a /20. We did some planning though, and although technically feasible, an operational nightmare.
Needless to say that didn't happen.
Next opportunity was more political, so the replacement of IPv4. That would have been a logical time to add a country code to the IP address. 188.8.131.52.0 would be a UK address, 184.108.40.206.0 would be US. Or Dublin, because telephony has it's quirks as well. But every country would have it's own Internet's worth of space to assign. Simple, effective, and would have solved problem that IPv6 doesn't.
But when I need IP addresses, I ask RIPE. When I need phone numbers, I ask Ofcom. If IP were assigned the same way as phone numbers, why would the RIR's be needed? So IPv6 preserved the 'need' for RIRs, and avoided their work being transferred to national telecomms regulators like Ofcom.
But such is politics.
Oh, and thought for the day. Why, 30yrs post-CIDR (and 'ip subnet zero') do network engineers still think a p2p network link needs a /30, and not a /31? Just one of those things that bugs me because it wastes a lot of IP addresses.
Yawn. Actually adding a fifth octet would have been incompatible with every IP stack in existence and merely booted the problem a decade or so down the path without solving the routing problem. IPv6 is no more incompatible and solves these problems forever (along with several others).
It also exists and works for those of us that bother to use it.
Cheers for that, I hadn't come across that blog before. The exhaustion issue I think better explained in his previous example. So I have a couple of /32 and /48s. /32 is a standard ISP allocation, and /48 is a standard user assigment.
So an ISP can assign 65,536 /48s before it needs to ask the RIR for more. Last national broadband job I did had around 8m subscribers, who'd get a /56 instead. So customers could still have 256 networks, even though most residential customers neither know, nor care what those are.
But a Friday thought. I still remember when Cisco's self-defeating network saved Jack Bauer in 24. I don't remember ever seeing an IPv6 address or trace in a movie or TV show. Not sure if that says more about me, or general IPv6 awareness though.
So we could add a 6th to cater for future expansion. Or be very generous and make it 128bits. Or go really wild and make it 128. Which IPv6 did, but only uses 64b for the host. So much bloat.
But IPv6 was also incompatible with every IP stack, at the time. More importantly, existing hardware was incompatible. So line cards, backplanes, processors, memory etc. Not helped by routers often having PCI backplanes. Even with 16 lanes potentially available, handling 128b is slow and expensive. Also unnecessary given 64b are the host's problem, not the routers.
But such is politics. Sure, IPv6 could do 2^128 hosts. Ish. It can only do 2^64 networks though, especially given the standard allocations from RIRs. Customers probably need all the addresses to multi-home. Oh, wait... It's so every device on our network can be directly addressed from the outside.
But IPv6, been there, done that, got much more IPv6 than I'll ever need. Unless I get into cellular networks in the biological sense. Still wish it'd supported geography allocations though, because that would make traffic engineering on global networks a bit more efficient.
The world's telcos (and others) did try to replace IPv4 with a new addressing approach: the OSI network address. They were long numbers, assigned in a hierarchical fashion, mostly run by national PTTs.
Although some parts of the idea fed into IPv6, the key point of control by national telcos most certainly did not. But you can blame the colons on OSI.
Yes, routing is obviously based on IP address, but for the most part, that contains no geographical information. So I'm eel.net, and I have a global ISP. I'm based in the UK, so get a /30 from RIPE, and the route object says 'UK'.
So I build out my network using that /30. Internally, I could use /32s per region. Externally, I have much less control. This is also true with IPv4. So maybe I peer with APAC networks in Singapore using the /32 I've picked. Maybe I advertise another /32 at the LINX for European traffic. If I don't advertise the /30, parts of my network might be unreachable, if I do, traffic destined for my APAC customers may be handed off to me in London because the Internet favours closest exit, or hot potato routing.
Country of origin routing would be more efficient though. If destination is 1.X or 44.X, it should probably go via my trans-Atlantic capacity. If I can switch towards my UK-US network without having to read deeper into the header, forwarding traffic is faster, cheaper and more efficient. That also isn't helped by IPv6 inheriting a problem from IPv4, namely the header has the addresses in the wrong order. To fast switch or forward a packet, the important bits are the destination, not the source. I once asked Vint Cerf about that, and it's a holdover from the old DARPA / DoD days where the source was considered the priority.
But there can be other fun, like geolocation services deciding location based on text in a route object, rather than where an IP address actually is. Country codes would (or should) make that more reliable.
AC: "if I was applying for a visa I would hope that the Americans could not see that"
The Russian embassy in London is located on a corner and if you want to visit and get a visa you can queue up.* This was so that the UK's (and presumably USA's) intelligence agencies could see exactly who was applying for a visa:
"The Embassy of Russia in London is the diplomatic mission of Russia in the United Kingdom. The main building and Consular section is located at 5 and 6-7 Kensington Palace Gardens at the junction with Bayswater Road;" (https://en.wikipedia.org/wiki/Embassy_of_Russia,_London)
*Probably best to wait a bit at the moment
One of those moments where I'm not sure if the article is glossing over what is commonly understood or doesn't get it. The level of danger a MosCA poses is the same whether you are its customer or not. The danger is that CAs are decentralized in a "anybody can issue anything" way. If you root-trust MosCA, they can issue certificates for anything. "I get my regular certificate from them" does not make that easier or harder, because that process doesn't expose the private key in sane setups. (Yes, I know most CAs have insane setups because customers can't keep two files around for two days and find them again.)
There used to be HPKP, where a site could say "I guarantee my certificates are issued by CA XYZ for the next n days", but that was dead before it got off the ground, because it's only "trust on first use" and requires things like backup keypairs.
And no, don't answer "what about CAA", this is not what CAA does. CAA is verified at issue-time by the CA, it's protecting against social engineering.
> As a bonus for Putin, it's rather easy for Kremlin spies to intercept, decrypt, and snoop on connections encrypted using certificates issued by the government. The more websites using Moscow-issued certs, the more connections Putin's agents can quietly monitor.
This is not how it works.
Having a CA under your control allows you to create a shadow site that browsers won't be able to tell from the original. It does not allow you to eavesdrop. Private keys are confined to the communicating parties, CAs never see them.
Thank you, was going to make the same point.
It does open the door for this via DNS poisoning - routing everything to the site via some government controlled proxy. I would presume that would be fairly noticeable at the server end with all your traffic coming from one IP, but it wouldn't help the end user so much.
Next it will be "Ruscoins" and "Special Military Operation" NFTs.
Actually, after typing that it made me think, when Putin says "Special Military Operation", does he mean the operation is special, or the military? Judging by their performance over the last 2weeks I am inclined to say the latter :-)
In what way? By making Russia's internet denizens self-sufficient and less tied down to janky cloud services?
Damn, you might be right haha.
Gosh, if the UK was sanctioned; where I work might finally have to ween themselves of Microsoft's terrible Office 365 and we can run old copies of 2010 (cracked of course).
Heck we might need to formally move everyone to Linux/BSD because the DRM servers will no longer work for Windows.
It only requires 3 countries to put sanctions on the UK to bring us to our knees! If Kenya, India and Sri Lanka should ever form any kind of alliance - then they would have control of our tea supplies. And the tea must flow! The idea is too horrible to contemplate!
Personally I think we need to create an inhospitable isolated hellhole, devoid of any kind of softness or pleasure, where life can only barely be scratched with utmost willpower and cooperation. Then populate it with criminals and very fit aggressive people and leave them there for a few generations to breed an army of super-human abilities - which we can send in to fight for out tea supplies. Should that dire need ever arise. I suggest we call this place, Skegness...
trouble is, a majority of Russians do not wish to be informed (aka lalala, I'm not listening!) It's so much easier to draw a line between state propaganda: 'Evil West is trying to punish RUSSIANS again, because they hate us and our values!' - when you can't tap to pay for a metro ride in Moscow, buy a ticket online to fly to Turkey, etc. Much easier than look past this bullshit and consider that, PERHAPS 'I live in a shitty country based on a shitty system run by scumbags' - and if so, what am I gonna do about it? Well, you can run abroad, never mind how they perceive Russians in the West now (but this option is really viable if you're young / rich enough / brave enough to break off completely), OR, a more realistic prospect for about 99% of Russians - you keep your head down thinking that, you know, our dear leader might not be all that great and everybody makes mistakes every now and then (the tsar tries hard, but these awful boiars!, but surely, there's no smoke smoke without fire, the West's always been out to get us, remember Napoleon, remember Hitler, remember how 'they' tried to destroy us in the good old Soviet times... and now, they're at it again!
p.s. I do not feel contempt, I just feel sorry for them. And then, I listen to this or that Ukrainian radio station, and all their radio channels broadcast the same, joint programme now, and then all those channels, like a domino, switch to auto-message that their presenters need to hide in air-raid shelfter because the air raid, sorry, we'll be back soon, and they broadcast the same, awful auto-message how to give 1st aid, how only to trust information from reliable circles, how to report suspicious behaviour, some uplifting song here and there. And then, the images and videos, not only those shown by mainstream media... then I find it so hard to 'feel sorry for the Russians' for keeping their heads down.
1) October 1917 followed
- failed revolution of 1905 (after the short [but not] victorious war against Japan
- 1914-1917 WW1 carnage
- another, failed revolution (Feb 1917, if I remember correctly)
2) don't forget the consequences, for Russia and the world, of that October 1917 revolution.
Does the February / March (depends on which calendar you are using) count as a failed revolution?
'Failed' implies that the revolution failed to over-throw the old order. The March revolution saw the Tsar stand down, and introduced something resembling (by the standards of the time) a democratic government, and thus achieved it's aims.
That the October/November revolution then over-threw the democratic (~ish) government is perhaps a failure of the post-revolution government, rather than the revolution itself?
But your core point is accepted.
Revolutions can be tricky little blighters
The Who: 'Won't get fooled again'
I'll tip my hat to the new Constitution
Take a bow for the new revolution
Smile and grin at the change all around
Pick up my guitar and play
Just like yesterday
Then I'll get on my knees and pray
We don't get fooled again"
The enemy of my enemy is my friend. In this case the Communists represent the main opposition party to the fascists that have overrun the Kremlin and finally tipped their hand.
But yes, Russia has had a long and bloody history of internal strife. The collapse of the Soviet Union was comparatively peaceful.
If there's anything the West can do here, it is to provide information and organisation to those that oppose.
Just as Putin has manipulated the West's own enemies into positions of power here too.
Fucking hate this species sometimes. All hail our glorious cockroach overlords
when you can't tap to pay for a metro ride in Moscow, buy a ticket online to fly to Turkey, etc. Much easier than look past this bullshit and consider that, PERHAPS 'I live in a shitty country based on a shitty system run by scumbags'
You're not wrong there. However, if you can do all those things, doesn't that pretty much have the same effect? You know, bread and circuses.
Out of solidarity for the Ukrainians (not that it'll make a lot of difference...), I've already added a filter for .ru TLDs and all Yandex-related domains. Anyone know of any good general lists of non-.ru Russian domains? Maybe we can de-throne Putin with a thousand tiny (and admittedly fairly pointless) cuts.
> The portal is silent on which browsers will accept the certs. This is a critical matter, because if browsers don't recognize or trust the certificate authority that issued a cert, a secure connection isn't generally possible.
Last I checked, it was possible to install arbitrary CA certificates on Firefox and, I imagine, other browsers. That's how a lot of corporate IT works.
It is also possible to, very painfully, disable (but not uninstall, short of rebuilding the browser) the default certs. When you do that, you realise that only 4-6 of them are needed for pretty much every website you'll ever visit.
Anyway, TLS is pretty broken as this demonstrates. There is no easy fix, but a recent proposal for PGP based certificates based on a sort of web of trust model shows some promise.
Lastly, we need people talking more to each other, not less.
You can manually add a CA if you want to, but automatically adding one to every browser in Russia is going to be a lot harder. The average citizen is going to not do that, visit a site that redirects to HTTPS, and get a browser warning.
"Anyway, TLS is pretty broken as this demonstrates."
Neither the part I answered nor the rest of your comments demonstrates this. TLS as a protocol doesn't care where the CAs are. It's fine. Even including the issue of CA governance and use, you need to demonstrate why the existing system is flawed; less centralized power might be nice, but it would also eventually weaken the ability to monitor for unsavory behavior and revoke those untrustworthy authorities, something browser-makers frequently do. Requiring every site to issue a key and find lots of others to cosign it will not be done by many sites, putting users at greater risk.
If the Yandex browser is the only one that will recognise the new Putin-certs and the majority of Russians end up using that browser, what if the Yandex browser stops recognising certs issued outside Russia? I can imagine Putin might see that as a good thing since there's even less possibility of "the people" being able to view outside news sources (although that might be blocked anyway?).
So I'm just wondering if non-Russian sites might do well to support serving traffic over HTTP as well as HTTPS; they might well do anyway... I've not been keeping up!
Having the signing cert in this case an issuer which effectively only signs in the public key of the s server certificate does not and can not compromise the client/server connection security. That just a dump fear mongering. You can argue that man in the middle is possible but only if the browser collaborates with the issuing entity to trust the fake issuer which in turn also could present a fake server certificate. Otherwise how in the hell you will come up with the private key just by being certificate issuer? If you say that the issuer could just generate also the server cert then does not also need to spoof DNS as well. At the end why is not trustible a cert signed by private company and not by govs or public institutions?
Honest question from someone whose network admin is limited to wiggling a dodgy bit of cat-5
My browser has lots of certs included from places that I don't necessarily trust (ie. Belgium),
That can't change the trust certificates for microsoft.com but they could sign a certificate for "totally-not-a-scam.microsoft-updates.com" and my browser would show a reassuring green padlock and hover-over could even say it was registered to "Microsoft Ltd" if that's what the naughty people had put in their registration.
Am I understanding this correctly ?
Who says you need to change the DNS. If you control the routing in the area you can change it so every IP goes through your server.
As for the root certificate organization being trusted. Do you trust the root certificate organization mentioned in this article(I.e the Russian government)
This piece is informative until the bottom where is dives into proproganda , anti Russian drivel. Russia has a beef with the present Ukraine government, a beef you can recognize as driving the war or ignore and refight WWI all over again which started from similar small causes. . The 1994 nuclear agreement called for the Ukraine to always be neutral, joining NATO, an organization hostile to Russia is not neutral. Russians have an interest in seeing the Ukraine does not murder any more Russian speakers in the Ukraine who objected to the Obama/Merkel sponsored armed coup of 2014 which ran the elected anti NATO president out at gun point. They want the three break away areas recognized by the Ukraine as separate countries. That is it.
Happy to be proved wrong but I am not aware that there were any provisions in the 1994 Budapest agreement for any of the signatories to "remain neutral"?
Regardless, though, the annexation of Crimea had already kinda blown that out of the water wouldn't you say?
> I am not aware that there were any provisions in the 1994 Budapest agreement for any of the signatories to "remain neutral"?
There weren't any. It was supposed to be a gentleman's agreement and nothing was written, but if you are old enough you will remember that was everyone's understanding at the time (if not, you can look it up). In the early 90s Russia wasn't in a position to press the issue too hard either, plus they just trusted us.
The problem is that you only get to break your word once as it's worthless after that.
The US chose a strategy of using NATO to maintain tension with Russia while at the same time preventing Western Europe from pursuing their own independent foreign policy. Whether that would have led to a better outcome we'll never know but it should have been tried anyway.
Biting the hand that feeds IT © 1998–2022