June 24, 2024

Securing the Web PKI

CITP is releasing a report today based on a two day in-person workshop on the security of the Web Public Key Infrastructure (Web PKI) we held last year. The workshop convened a multistakeholder gathering of experts from across the internet infrastructure, including browser developers, certificate authorities, content delivery networks, cloud providers, civil society, and academia. We worked on articulating the existing challenges and identifying possible solutions to enhance the Web PKI’s security. Here, we summarize a few key takeaways and insights from the report:

  • The Web PKI underpins the security of nearly all TLS-encrypted web traffic, but it has potential vulnerabilities.

    In recent years, certificate authorities (CAs) have been compromised by interception by government actors, software bugs and vulnerabilities, and network-level BGP hijacks. Fraudulent certificates can enable attackers to perform a range of devastating attacks, including intercepting encrypted email, impersonating legitimate websites, redirecting cryptocurrency transactions, and other attacks. Detecting these attacks in real time is difficult for end users (domain names, and the web users who use those domains’ certificates). At the workshop, two Princeton researchers demonstrated a network attack and obtained a certificate for a U.S. government website in real time, showing just how practical these attacks are today.

  • Implementing security improvements is a careful balancing act between operational, audit, and usability constraints.

    Certificate authorities include commercial entities, and need to consider the cost-benefit tradeoff of additional security controls. Certificates are a product, and while improving security can minimize the risk of future security incidents, it does not generate revenue in and of itself. Extra security controls can add cost in multiple ways. First, there is the cost of implementing and operating the security features themselves. Second, the features need to be adequately documented and maintained to meet audit requirements. Lastly, the features need to minimize extra effort on the domain owner’s part, as customers may be compelled to look for another CA if they experience errors when trying to obtain a certificate.

  • Improving the security of the Web PKI will take coordination and cooperation between all stakeholders.

    Because all certificate authorities are equally trusted by browsers, the security of the Web PKI is defined by its weakest link. If one certificate authority uses cutting-edge security measures in its issuance practices, an attacker can simply seek out another certificate authority that is still vulnerable to its attacks. Thus, any security measures need to be required by all certificate authorities. The CA/Browser Forum is one mechanism for coordinating stakeholders to implement heightened security measures.


The workshop stimulated conversations amongst stakeholders who rarely get to meet each other and discuss issues in depth. The workshop has already yielded positive developments in measures to improve security, such as kickstarting the drafting of a CAB Forum ballot to require multiple-vantage point domain validation in certificate issuance. Much work remains to be done and we look forward to future opportunities to help coordinate a multistakeholder approach to improving trust and security online.

We encourage you to read the complete workshop report here.

Speak Your Mind

*