Self-signed SSL certificates vs commercial SSL certificates: How Mozilla is killing self-signed certificates

SSL certificates are important for establishing an encrypted connection between a client and a server. Only clients that accept a signed SSL certificate will be able to establish an encrypted connection with the server. Encrypted connections are used by webmasters to build secure websites, like e-commerce websites, where extra protection is necessary to prevent eavesdropping.

An SSL certificate is issued by a certification authority, or certificate authority (CA). There are a few types of certification authorities:

  • Commercial certificate authorities, who charge for their services.
  • Certificate authorities owned by institutions and governments for their own use.
  • Self-signed and community-driven certificate authorities, which are free of charge.

Every webmaster will probably ask this question: "Where can I get a cheap commercial SSL certificate?"

Why would webmasters want to buy something they can get for free?
Because using a self-signed certificate or a certificate signed by an unapproved (new or non-profit) provider will display a scary warning to users trying to establish an encrypted connection. This results in most users skipping the manual verification and acceptance process, and leaving the website.

Web browsers and FTP clients transparently accept SSL certificates signed by certificate providers who pay to have this functionality enabled in those clients. Most web browsers will display a visual cue to indicate to the user that the website they are viewing has a valid SSL certificate signed by an official certificate authority, and that the connection is encrypted.

Commercial signatures for SSL certificates from commercial 3rd party certificate authorities allow users to quickly verify that the website they are viewing is operated by someone in contact with the person who registered the domain name under which the website operates. Another advantage of commercial certificates is that users see no web browser warning messages and do not have to manually validate and accept the certificate.

Using any type of SSL certificate (commercial, self-signed, or community-driven) does not offer any guarantee beyond a quick check of the ownership/operational relationship. A compromised (hacked) website can very well have a valid and officially signed SSL certificate.

Purchasing an SSL certificate signature from a commercial certificate authority is expensive (starts at around $50/year). Some services are offered starting at $14.95/year, and some companies offer a free version (see the updated list of certificate authorities below). Self-signed certificates and community-driven certificates are free. Paying for an SSL certificate is mostly a marketing consideration and is used for building customer trust.

SSL certificate signatures are the first step in establishing an encrypted connection. Accepting a signature for an SSL certificate means the user trusts the credentials listed in the signature and agrees to establish an encrypted connection with the server. This kind of trust is very relative, and not easily understood by many. For example, I do not see how transparently trusting a commercial 3rd party certificate authority adds security to a website vs. a self-signed certificate. I can easily see how browser vendors who include Certificate Authorities in their browser store (originally written as "get paid to auto-accept commercial certificates", retracted in update (1) below) make it more comfortable for users to surf the Web without having to manually check every new SSL certificate they encounter.

The relationship between 3rd party commercial certificate authorities and browser vendors is creating the need for purchasing commercial SSL certificate signatures. I am assuming this certificate authority market has been created as a way of making money with this technology, and as in any market it's all about market share. Browser vendors are making SSL certificates a luxury commodity.

Having a warning message for all SSL certificates would be fair, but this is not done at all in reality. Having warning messages only for "untrusted" certificate providers is acceptable, even if those warnings are confusing and scary (it has always been like this as far as I know). But what about dismissing "untrusted" SSL certificates altogether? Is this fair for webmasters, web surfers, and content providers?

Mozilla Firefox 3 kills self-signed SSL certificates. The new Mozilla Firefox 3 web browser is making it impossible to operate a successful website that uses self-signed or community-driven certificates to establish secure and encrypted connections. How is this possible when SSL is free and Open Source, and Mozilla Firefox is free and Open Source too?

Mozilla is blocking equal access to the features of HTTP and SSL. Firefox 3 features a new warning message for self-signed or non-profit certificates. The user is presented with a "Secure Connection Failed" warning page instead of the classic pop-up dialog box. Four clicks are required to bypass this warning and access the encrypted website. This effectively disables websites encrypted by self-signed SSL certificates, as not many Web surfers are willing to spend the extra time to figure out how to bypass this warning page and access the website, if they have not already left the website thinking it just doesn't work. Because of the growing market share of the Mozilla Firefox web browser, webmasters are pretty much forced to buy a commercial SSL certificate. While this certainly profits the commercial certificate authorities (the original text added "and the web browser vendors", retracted in update (1) below), it is not clear how it will help webmasters and web users become more secure.
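The browser behaviour described above and in the paragraph on trust-store inclusion comes down to one check: does the presented certificate chain to a root already in the client's store? The Go program below is an added illustration, not code from the original post; it builds a tiny CA, a CA-signed server certificate and a self-signed one, then runs the same chain-and-hostname check a browser runs against an empty store, a store containing the CA, and a store where the user has added the self-signed certificate as an exception. The hostname shop.example.test and the CA name are invented for the demonstration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

const host = "shop.example.test" // hypothetical hostname, not taken from the article
// newCert issues a certificate for name; with parent == nil it signs itself (self-signed), otherwise parent/parentKey sign it.
func newCert(name string, isCA bool, parent *x509.Certificate, parentKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key, _ := rsa.GenerateKey(rand.Reader, 2048)
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	tmpl := &x509.Certificate{
		SerialNumber: serial, Subject: pkix.Name{CommonName: name}, BasicConstraintsValid: true, IsCA: isCA,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
	}
	if !isCA {
		tmpl.DNSNames = []string{name} // the hostname a browser matches against
	}
	if parent == nil {
		parent, parentKey = tmpl, key // issuer == subject
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}
// verifyAs mimics a browser: chain leaf to a root in the given trust store and check that it covers host.
func verifyAs(leaf *x509.Certificate, roots ...*x509.Certificate) error {
	pool := x509.NewCertPool() // an empty pool models a store that lacks this issuer
	for _, r := range roots {
		pool.AddCert(r)
	}
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: pool})
	return err
}
// Results: true means the certificate is accepted silently, false means the browser warns.
type Results struct{ CASignedNoRoot, CASignedWithRoot, SelfSigned, SelfSignedException bool }
func runScenarios() Results {
	ca, caKey := newCert("Example Root CA", true, nil, nil)
	leaf, _ := newCert(host, false, ca, caKey) // CA-signed server certificate
	self, _ := newCert(host, false, nil, nil)  // self-signed server certificate
	return Results{verifyAs(leaf) == nil, verifyAs(leaf, ca) == nil, verifyAs(self) == nil, verifyAs(self, self) == nil}
}
```

Only CASignedWithRoot and SelfSignedException come back true: the cryptography is identical in all four cases, and the outcome is decided solely by which roots the store contains.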

[Image: Firefox self-signed certificate warning]

Nat Tuck explains in a post (http://www.cs.uml.edu/~ntuck/mozilla/) how this new policy from Mozilla is detrimental for the Web by limiting the number of encrypted connections, and undermines the basic principle of equality among web participants.

List of certificate authorities (CA):

  • Community-driven certificate authority offering free SSL certificates: CAcert
  • Commercial certificate authority offering paid and free SSL certificates: StartSSL
  • Big commercial certificate authorities offering paid SSL certificates: Verisign, Thawte (Verisign owned), GeoTrust (Verisign owned), DigiCert, Comodo, Go Daddy, and Entrust.

Some Domain Name registrars bundle some commercial SSL certificates free of charge for one year, with the purchase or transfer of a domain name.

Updates:
(1) It is important to note that Mozilla does not get paid to add Certificate Authorities to the Firefox root store. I have no information regarding this procedure for other Web browsers, and no information on the business relationship between Web browser authors and commercial Certificate Authorities. Thus I am retracting the "get paid" statement and replacing it with "include Certificate Authorities in their browser store", which better reflects my current knowledge on the subject. See the Mozilla CA Certificate Policy (Version 1.2): http://www.mozilla.org/projects/security/certs/policy/ and also http://www.webtrust.org. An expensive WebTrust audit (~$75,000 up-front plus ~$10,000 per year) is required for vendors seeking to have their root certificates included in browsers. For the same reasons, "and the web browser vendors" is retracted.

A response from a Mozilla interface designer, who fails to explain why the change in UI is better for security or anything else: http://blog.johnath.com/2008/08/05/ssl-question-corner/

Webmaster Mike Belshe takes Facebook's SSL certificate validation as an example to illustrate SSL's speed shortcomings, and the changes required to make it better: http://www.belshe.com/certificate-validation-example-facebook

Trusted third party (TTP) anecdotes:

◇ Hackers managed to create fake SSL certificates for google.com, yahoo.com, mozilla.com, and live.com by compromising a Comodo SSL reseller. The attacks were focused on gathering user credentials. Although discovered on March 16th, the security breach was reported on March 23rd to allow browser vendors to issue security patches. https://blog.torproject.org/blog/detecting-certificate-authority-comprom...

◇ The Certigna SSL certificate authority left its test SSL certificate and the matching private key in a publicly accessible archive. Certigna had to remove the files and pacify its customers after the news spread.

◇ A fraudulent digital certificate for *.google.com was issued by *.ego.gov.tr, one of the two organizations that were mistakenly issued intermediate CA certificates by TURKTRUST Inc.

◇ Unauthorized digital certificates for several Google domains were issued by the National Informatics Centre (NIC) of India.

It's better to get SSL certificates from trusted SSL reseller authorities rather than these free self-signed SSL certificates that may harm your private data.