安全地更新证书颁发机构证书

Question

Certificate Authority certificates are generally bundled in with the application that they're used with, but how can you automatically update them securely?

In PHP, it is recommended to use https://curl.haxx.se/ca/cacert.pem along with cURL, which is safe if you've pre-bundled it, but that URL does not support HTTPS, so it is perfectly possible for a middle-man attack to spoof different certs.

Answer 1

This is related to the problem of secure code delivery , and consequently I suspect the solution to that would also solve this.

Practical Solution for Today

Bug the folks at Mozilla to GPG sign certdata.txt , verify the signatures on your end, and then use the same Perl script that the Curl team uses to build your own .pem file. Cut out the middleman.

Hypothetical Solution for Tomorrow

Note : If the folks at curl.haxx.se aren't able to set up HTTPS, I don't know how much luck the community would have in convincing them to set up this authenticity process.

1. Transport Layer Security should be mandatory.
2. Digital signatures ( GnuPG , minisign , etc.) should be used.
3. The signatures and their timestamps should be advertised in a blockchain (eg Bitcoin), or a system like Google's certificate transparency .

This would prevent someone from interfering with your communications with curl.haxx.se , while also preventing someone who hacked curl.haxx.se from serving a poisoned certificate list to end users. By advertising the certificates and timestamps in a decentralized ledger, and providing some mechanism for client-side verification, targeted attacks cease to be feasible.

This would not stop the folks at curl.haxx.se from turning evil.