Business IT - Technology for your business


Warning: DNS flaw spills over to OpenID


Ben Laurie of Google's Applied Security team and Richard Clayton of the Cambridge University Computer Laboratory have found those certificates aren't always reliable.

The reason is that some certificates - including those used by certain OpenID providers - have encryption keys that were generated using a faulty random number generator (since fixed). This makes it relatively easy to determine the private key for the certificate, which means it can be faked.

But surely an OpenID provider in that situation would have revoked the weak certificate?

Probably - but does your web browser check whether a certificate has been revoked? It seems that for performance reasons revocation lists aren't checked as frequently as they should be from a security perspective, and a newer and more efficient mechanism called OCSP (Online Certificate Status Protocol) isn't as widely used as it would need to be.
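Before a client can check revocation at all, the certificate has to tell it where to look: a CRL distribution point, an OCSP responder in the Authority Information Access extension, or both. The following added example (not from the article or from any OpenID provider) builds a self-signed certificate with those two pointers using the `cryptography` library and then extracts them the way a checking client would; the hostname and URLs are constructed placeholders.

```python
"""Added example: build a certificate carrying CRL and OCSP pointers, then
extract them. All names and URLs below are constructed placeholders."""
import datetime
from cryptography import x509
from cryptography.x509.oid import NameOID, AuthorityInformationAccessOID
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa

CRL_URL = "http://crl.example.test/provider.crl"   # constructed placeholder
OCSP_URL = "http://ocsp.example.test/"             # constructed placeholder


def make_cert(with_ocsp=True, with_crl=True):
    """Self-signed test certificate; the flags control which revocation pointers it carries."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "openid.example.test")])
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (x509.CertificateBuilder().subject_name(name).issuer_name(name)
               .public_key(key.public_key()).serial_number(x509.random_serial_number())
               .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=30)))
    if with_crl:
        # CRL Distribution Points: where a client can fetch the revocation list
        builder = builder.add_extension(x509.CRLDistributionPoints([
            x509.DistributionPoint([x509.UniformResourceIdentifier(CRL_URL)], None, None, None)
        ]), critical=False)
    if with_ocsp:
        # Authority Information Access: where a client can ask for live OCSP status
        builder = builder.add_extension(x509.AuthorityInformationAccess([
            x509.AccessDescription(AuthorityInformationAccessOID.OCSP,
                                   x509.UniformResourceIdentifier(OCSP_URL))
        ]), critical=False)
    return builder.sign(key, hashes.SHA256())


def revocation_endpoints(cert):
    """Return (crl_urls, ocsp_urls). Two empty lists mean a client has no way to check revocation."""
    crl, ocsp = [], []
    try:
        for dp in cert.extensions.get_extension_for_class(x509.CRLDistributionPoints).value:
            for gn in dp.full_name or []:
                if isinstance(gn, x509.UniformResourceIdentifier):
                    crl.append(gn.value)
    except x509.ExtensionNotFound:
        pass
    try:
        for ad in cert.extensions.get_extension_for_class(x509.AuthorityInformationAccess).value:
            if ad.access_method == AuthorityInformationAccessOID.OCSP:
                ocsp.append(ad.access_location.value)
    except x509.ExtensionNotFound:
        pass
    return crl, ocsp
```

Run `revocation_endpoints` over a real server certificate (loaded with `x509.load_pem_x509_certificate`) to see whether it offers OCSP, a CRL, or neither; a certificate with neither cannot be revocation-checked by any client, whatever its settings.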

This doesn't mean OpenID is inherently flawed, just that a lot of the 'plumbing' needs to be checked and if necessary fixed.

Should you be worried? Probably not, if like many people your OpenID is only used to make it easy to post comments on other people's blogs, and you don't use it anywhere that 'value' or private information is involved.

In any case, Laurie and Clayton only identified three providers that had used weak certificates. Nevertheless, it would be wise to check whether your OpenID provider has ever used a weak certificate.

The moral of the story is that there are some smart people out there who are remarkably good at connecting the dots. We're lucky that more of them don't use their powers for evil purposes.
