Recently Google wrote the following *nonsense*:
<<< Certification Authorities (CAs) serve a privileged and trusted role on the Internet that underpin encrypted connections between browsers and websites. With this tremendous responsibility blah blah blah >>> https://security.googleblog.com/2024/06/sustaining-digital-certificate-security.html
**NO**! CAs and certificates DO NOT underpin encrypted connections!
And it's tremendously IRRESPONSIBLE to let every internet user, given a domain name, somehow (typically impossible) figure out whether a given domain name does, or does NOT, belong to the party that they were made to believe it belongs to.
Back to CAs and certificates: it is a PLAIN LIE that a certificate is required to encrypt a connection. For example, WhatsApp and Signal don't need them for E2EE, and your WiFi at home (unfortunately) doesn't use a certificate.
And in TLSv1.3, the connection is encrypted FIRST, *then* the server sends their certificate to the browser (together with proof of possession of a private key, which is exclusively associated with a public key in the certificate).
In fact, since the use of "forward secrecy" [1] in https, server certificates exist ONLY to *AUTHENTICATE* servers.
Authenticating means providing proof of identity; the primary purpose of that process is to PREVENT IMPERSONATION. Which is step one, before step 2 (encryption), if you don't want exchanged data to fall into the wrong hands and/or to be maliciously manipulated.
However, a certificate that ONLY identifies a server by its (DNS) domain name (which is a world-wide unique *pseudonym* for an IP-address), such as (I inserted a space to prevent accidental opening):
(1) info-bunq. cc
(2) bunq-com.aiiaclient. com
(3) verificatie-online-bunq-nl. com
makes it IMPOSSIBLE for internet users to distinguish between fake and real websites - in particular because FAKE webpages are usually indistinguishable from the ones on REAL websites.
Note: bunq is a European bank with a lot of recent phishing victims (search for 'bunq scam').
Phishing has become an ENORMOUS worldwide problem, costing individuals and societies LOTS of money. Unfortunately, EVERYTHING about server certificates and the way browsers handle them is extremely disappointing. It makes phishing "a piece of cake" - and will keep doing so if we let Google and other big tech continue to undermine user trust in the internet.
By the way, of the three "bunq" domain names that I mentioned, (1) and (3) are malicious (see resp. https://www.virustotal.com/gui/domain/info-bunq.cc/summary and https://www.virustotal.com/gui/domain/verificatie-online-bunq-nl.com/summary); (2), https://bunq-com.aiiaclient.com (currently unreachable), is NOT malicious.
Interestingly, (2) even has a QWAC, a "Qualified Website Authentication Certificate" (https://en.wikipedia.org/wiki/Qualified_website_authentication_certificate). That certificate (for "bunq-com.aiiaclient.com") can be seen here: https://crt.sh/?id=12752024628&opt=ocsp
IMO it is INCREDIBLY STUPID of both bunq and the certificate supplier, QuoVadis Trustlink B.V., to hand out a QWAC to a third party [2], notably one who uses stupid domain names.
Furthermore, why do QWACs not contain the full address details and, if available, the chamber of commerce (Dutch: KVK) registration number of an organization? And why do we get to see lots of gibberish if we inspect certificates - if that is possible at all? We're HUMANS, remember?
—————————————————————
We need and deserve a human-friendly and safer internet!
—————————————————————
More info about "why https instead of http" and certificates: https://infosec.exchange/@ErikvanStraten/112688092149571552
[1] Published in 1976: https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
[2] See "yourname-com.aiiaclient.com" in https://developer.mastercard.com/open-banking-europe/documentation/licensed/aiia-enterprise/production/tpp-certs/
Cc: @agl , @Tarah , @ScottHelme , @dangoodin
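
Added example, not part of the original post: a name-only check run over the three domain names listed above, to show what a domain name by itself can and cannot tell a defender. The owned-domain set (`bunq.com`), the brand token, and the two-label "registrable domain" rule are assumptions made for this illustration.

```python
import re

# Assumption: the bank's own registrable domain (not stated in the post).
OWNED = {"bunq.com"}
BRAND = "bunq"

# Constructed input: the three names from the post, kept defanged (space inserted).
SAMPLES = [
    "info-bunq. cc",
    "bunq-com.aiiaclient. com",
    "verificatie-online-bunq-nl. com",
]


def normalize(name):
    """Undo the space defanging, lowercase, and drop a trailing dot."""
    return name.replace(" ", "").lower().rstrip(".")


def registrable(name):
    """Naive registrable domain: the last two labels.
    Assumption: a production check would consult the Public Suffix List."""
    return ".".join(normalize(name).split(".")[-2:])


def classify(name):
    """Verdict based on the name alone: 'owned', 'brand-in-name' or 'unrelated'."""
    host = normalize(name)
    if registrable(host) in OWNED:
        return "owned"
    tokens = re.split(r"[.-]", host)
    return "brand-in-name" if BRAND in tokens else "unrelated"


def main():
    for sample in SAMPLES:
        print(f"{normalize(sample):34} {registrable(sample):34} {classify(sample)}")


if __name__ == "__main__":
    main()
```

All three names get the same verdict, although the post reports (1) and (3) as malicious and (2) as not malicious: the name, which is all a domain-validated certificate vouches for, does not separate them.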