|
|
|
|
|
|
by internet_arguer
4230 days ago
|
|
|
tptacek, maybe the USG as a whole controls some RSA keys, but the more interesting parts, such as NSA, wouldn't be able to get access to them without setting off some red flags. Not to mention, the USG isn't a monolith; NIST recently rejected Dual EC_DRBG. Employees at NIST publicly criticized the NSA's (alleged, but almost completely likely) decision to backdoor Dual EC_DRBG. Like you said, for attribution purposes the NSA had to get its keys elsewhere. I'm asserting that it's not just attribution that's on their mind. |
|
|
You can't forge certificates without associating them with some specific CA.
If you forge a certificate for a pinned site, you risk detection.
If HPKP is widely deployed, every site could have that risk.
Unless you've popped all the CAs, the browser vendors can respond to detected forged certificates by curtailing the compromised CA. Meaning the NSA has to compromise another CA to continue their activities.
There aren't unlimited CAs to work with.
Stipulate that NSA doesn't care if attacks are attributed to them. Certificate surveillance is still an operational problem for them.