How to Render SSL Useless

Today, Ivan Ristic gave an interesting presentation at OWASP London entitled "How to Render SSL Useless", including the top 11 SSL deployment mistakes that render SSL useless:

1. Self-signed certificates

  • Self-signed certificates are spoiling SSL security for all of us
  • They are insecure
  • We are teaching users to ignore warnings
  • Certificates are cheap, or even free
  • It’s cheaper to buy a certificate than support a self-signed one

2. Own CA certificates

  • You configure a web site, don’t want to pay small $ for a proper certificate, but don’t mind spending a lot of time creating a custom CA?!
  • Encouraging others to use your CA root is terribly insecure
  • How well is your CA root protected?
  • Any CA root can sign any site!

3. Mixing SSL and plain-text

  • Difficult to implement securely
  • You will probably need two session mechanisms, one for each area
  • That, and a secure way to transfer users from one to another (i.e., re-authenticate)
  • Trivial for the MITM to use sslstrip to convert HTTPS links to HTTP

4. Not using secure cookies

  • Secure cookies are transmitted only over SSL
  • Even if your site does not use plain-text anywhere (and does not even run on port 80), browsers can be tricked into revealing non-secure cookies by a MITM attacker
  • You must use secure cookies everywhere
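The Secure attribute is something you can audit from the response headers alone. The following is an added example, not code from the presentation or from this post: it parses the Set-Cookie headers of a captured HTTPS response, reports every cookie that lacks the Secure attribute (and so could be coaxed out of the browser over plain HTTP), and shows the corrected header. The response text is constructed for the example; the function names are my own.

```python
"""Audit Set-Cookie headers for the Secure attribute (added example)."""


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, {attribute: value}).

    Attribute names are lower-cased so 'Secure', 'secure' and 'SECURE' compare equal.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def cookies_missing_secure(set_cookie_headers):
    """Return the names of cookies that would also be sent over plain HTTP."""
    missing = []
    for header in set_cookie_headers:
        name, _, attrs = parse_set_cookie(header)
        if "secure" not in attrs:
            missing.append(name)
    return missing


def add_secure_attribute(header_value):
    """The corrected header: append '; Secure' when it is absent."""
    _, _, attrs = parse_set_cookie(header_value)
    if "secure" in attrs:
        return header_value
    return header_value.rstrip().rstrip(";") + "; Secure"


def audit_raw_response(raw_response):
    """Pull the Set-Cookie lines out of a raw HTTP response and audit them."""
    set_cookies = [
        line.split(":", 1)[1].strip()
        for line in raw_response.splitlines()
        if line.lower().startswith("set-cookie:")
    ]
    return cookies_missing_secure(set_cookies)


# Constructed sample response from a hypothetical HTTPS-only site.
# 'sessionid' and 'prefs' lack Secure; 'csrftoken' is set correctly.
RAW_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: sessionid=abc123; Path=/; HttpOnly\r\n"
    "Set-Cookie: csrftoken=xyz; Path=/; Secure; HttpOnly\r\n"
    "Set-Cookie: prefs=dark; Path=/; Max-Age=31536000\r\n"
    "\r\n"
)

if __name__ == "__main__":
    for cookie in audit_raw_response(RAW_RESPONSE):
        print("cookie without Secure attribute:", cookie)
    print(add_secure_attribute("sessionid=abc123; Path=/; HttpOnly"))
```

The session cookie is the one that matters most: without Secure, a MITM who can induce a single plain-text request to the site's hostname receives it, which is exactly the session-hijacking case described under mistake 10 below.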

5. Using incomplete certificates

  • You type https://ssllabs.com and expect to see the same site as on https://www.ssllabs.com
  • On many sites you get an SSL warning
  • Very confusing for users
  • Use a CA that makes certificates that are valid with and without the www prefix
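Whether a certificate covers both the bare domain and the www name can be checked mechanically from its subjectAltName entries. This is an added example and not part of the presentation: it takes a certificate in the dictionary shape that Python's `ssl.SSLSocket.getpeercert()` returns, applies RFC 6125 style name matching (exact match, or a wildcard in the leftmost label only), and reports which of the two hostnames the certificate is valid for. The certificates below are constructed; `fetch_cert` is an optional live helper for checking a real server and is not exercised offline.

```python
"""Does the certificate cover both example.com and www.example.com? (added example)"""
import socket
import ssl


def cert_dns_names(cert):
    """DNS names from subjectAltName; fall back to the CN only when there is no SAN."""
    names = [value for (kind, value) in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "commonName":
                    names.append(value)
    return names


def name_matches(pattern, hostname):
    """RFC 6125 style matching: exact, or '*.' covering exactly one leftmost label."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    if not pattern.startswith("*."):
        return False
    first, sep, rest = hostname.partition(".")
    # '*.example.com' matches 'www.example.com' but neither 'example.com' nor 'a.b.example.com'
    return bool(sep) and rest == pattern[2:]


def coverage(cert, site):
    """Map each of {bare name, www name} to whether the certificate is valid for it."""
    bare = site[4:] if site.startswith("www.") else site
    names = cert_dns_names(cert)
    return {host: any(name_matches(n, host) for n in names) for host in (bare, "www." + bare)}


def fetch_cert(hostname, port=443):
    """Live helper (network): fetch and validate the server certificate for hostname."""
    context = ssl.create_default_context()
    with socket.create_connection((hostname, port), timeout=10) as sock:
        with context.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()


# Constructed certificates in getpeercert() shape (hypothetical example.com site).
INCOMPLETE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"),),
}
COMPLETE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "example.com")),
}
WILDCARD_CERT = {
    "subject": ((("commonName", "*.example.com"),),),
    "subjectAltName": (("DNS", "*.example.com"),),
}

if __name__ == "__main__":
    for label, cert in (("incomplete", INCOMPLETE_CERT), ("complete", COMPLETE_CERT), ("wildcard", WILDCARD_CERT)):
        print(label, coverage(cert, "www.example.com"))
```

Note the wildcard case: a `*.example.com` certificate covers www.example.com but not the bare example.com, so a wildcard alone does not fix this mistake; the bare name has to be listed explicitly.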

6. Not using EV certificate

  • High-value web sites will often be a target of phishing attacks
  • It is easy to mistype and end up at the wrong place, even if you are an experienced user
  • The green glow helps assure your users that they are in the right place

7. Not using SSL

  • There are many sites that do not use SSL but they should
  • If there’s authentication – it needs SSL
  • If there’s a form – it needs SSL

8. Mixed page content

  • Some browsers will warn on mixed content, some will not
  • Depending on the skills of your web designer, a large proportion of your users could be getting warnings
  • A single plain-text link is enough to compromise the entire SSL site
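Mistakes 3 and 8 both come down to plain-text references inside an HTTPS page: subresources that trigger mixed-content warnings (or, for scripts and stylesheets, let a MITM inject code into the secure page), and navigation links or form actions that send the user back to HTTP, where sslstrip can take over. The following is an added example, not the presenter's code, that scans a page body served over HTTPS and reports every reference that resolves to an http:// URL, classified as active content, passive content, or navigation. The HTML and the page URL are constructed; the tag-to-attribute table covers the common cases rather than every element a browser can fetch.

```python
"""Find plain-text (http://) references in a page served over HTTPS (added example)."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Elements that fetch a subresource, and whether the browser executes it ("active")
# or only renders it ("passive"). Constructed table of common cases.
SUBRESOURCES = {
    "script": ("src", "active"),
    "link": ("href", "active"),
    "iframe": ("src", "active"),
    "object": ("data", "active"),
    "embed": ("src", "active"),
    "img": ("src", "passive"),
    "audio": ("src", "passive"),
    "video": ("src", "passive"),
    "source": ("src", "passive"),
}
# Elements that move the user to another URL: the sslstrip case from mistake 3.
NAVIGATION = {"a": "href", "form": "action"}


class PlainTextRefFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (kind, tag, resolved_url) in document order

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in SUBRESOURCES:
            attr, kind = SUBRESOURCES[tag]
            self._check(kind, tag, attrs.get(attr))
        elif tag in NAVIGATION:
            self._check("navigation", tag, attrs.get(NAVIGATION[tag]))

    def _check(self, kind, tag, url):
        if not url:
            return
        # Resolve relative and protocol-relative ('//host/x') URLs against the page URL;
        # on an HTTPS page those inherit https and are fine. Only explicit http:// is flagged.
        resolved = urljoin(self.page_url, url.strip())
        if urlsplit(resolved).scheme == "http":
            self.findings.append((kind, tag, resolved))


def find_plaintext_references(page_url, html):
    finder = PlainTextRefFinder(page_url)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page at a hypothetical HTTPS URL.
PAGE_URL = "https://www.example.com/account"
SAMPLE_PAGE = """<html><head>
<link rel="stylesheet" href="http://cdn.example.com/site.css">
<script src="//cdn.example.com/app.js"></script>
</head><body>
<img src="http://images.example.com/logo.png">
<img src="/img/ok.png">
<a href="http://www.example.com/help">Help</a>
<a href="/settings">Settings</a>
<form action="http://www.example.com/login" method="post"></form>
</body></html>"""

if __name__ == "__main__":
    for kind, tag, url in find_plaintext_references(PAGE_URL, SAMPLE_PAGE):
        print(f"{kind:10s} <{tag}> {url}")
```

The stylesheet and the login form are the findings to fix first: the stylesheet is active content a MITM can replace, and a form posting to http:// sends the credentials in the clear regardless of how the page itself was loaded.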

9. Different sites on 80 and 443

  • You type https://www.example.com and expect to see the same site as on http://www.example.com
  • This is the fate of every single site that uses virtual hosting
  • Would you mind if questionable content appeared on https://www.yourcompany.com?

10. Using SSL for “important” bits

  • Some sites will use SSL to protect authentication and nothing else
  • They are vulnerable to session hijacking
  • Some even allow users to change their password without knowing the old one

11. Inconsistent DNS configuration

  • Your www.example.com address points to one web server, while example.com points to another
  • It is surprising how many high-profile sites suffer from this problem
  • Similar problem to #5

Core Issues

  1. Browsers accept invalid certificates
  2. Insufficient security indications
  3. Decoupled nature of HTTP and SSL
  4. No broad support for virtual SSL hosting
  5. Some sites use SSL some don’t
  6. The burden of security is on users

These serve as a great outline for how to configure SSL correctly. You can view the slides from the entire "How to render SSL useless" presentation on Ivan's website. Also be sure to test your configuration using Ivan's Public SSL server Database.

Originally posted on Thu Jan 14, 2010