New trust models for SSL certificates on the way
Tougher privacy and trust controls are being considered for SSL certificates, in order to bolster the protection provided by this important data security feature, according to a report from NetworkWorld.
The publication said that two new models - dubbed Perspectives and Convergence - are being tested by Carnegie-Mellon University and the Institute for Disruptive Studies, respectively. Both transfer the responsibility of validating sessions through SSL certificates to a new kind of digital entity, known as a notary.
Notary servers would be configured to track SSL certificate usage patterns rather than exact keys, so hacking a specific notary server would probably not be very helpful to a prospective attacker, NetworkWorld said.
One of the creators of SSL, Taher Elgamal, told the news source the improvements were long overdue, which is why their deployment will take a concerted effort by the tech world.
Spoofed SSL certificates can allow hackers to monitor communication between a user and a website using the well-known man-in-the-middle attacks, gaining a potentially substantial amount of sensitive data in the process.