Say No To SGC SSL Certificates
SGC SSL Certificates, which enable older browsers to connect to a site using 128-bit encryption even if the normal browser encryption rate is 40-bit, seem to provide a great advantage to many sites. They usually cost significantly more and are only available from certain vendors. However, there are two strong arguments against using SGC SSL Certificates:
Old Browser Usage Is Very Low
Server Gated Cryptography was created in response to US government legislation on the export of strong cryptography in the 1990s. Microsoft developed Server Gated Cryptography and Netscape developed "step-up" technology to enable 128-bit SSL encryption with export browser versions. However in 2000, US Export law was changed to allow the export of strong crypto and Microsoft released IE 5.5 and IE 5.0.1 SP1 which allow those browsers to connect at 128-bit without using an SGC SSL certificate.
Who uses Internet Explorer 5.0 and lower these days? Of course, it depends on who you ask, but let's look at some statistics (as of April, 2008):
WebReference.com: IE 5.x usage is 2.17%, IE 4 usage is 0.41%
W3 Schools: IE 5.x usage for March 2008 is 1.1%
TheCounter.com: IE 5.x usage for March 2008 is less than 1%
AdTech.com: IE 5.x usage for December 2007 is 0.2%
Not very big numbers. You need to ask whether the extra money for an SGC SSL certificate is worth supporting that small percent of the market. Still, 1% of visitors can mean a lot of money to many businesses and no one wants to have to turn anyone away. But, there may be a far more important reason NOT to use SGC Certificates:
Allowing Older Browsers Encourages Their Use and Leaves Users Open to Countless Other Attacks
That's great that you can allow users of older browsers to connect to your website at a high encryption rate, but what about all the other security holes that those browsers have? Don't you want to protect them from those? What if someone decides to imitate your website in a phishing attack? Do you want users of older browsers to fall prey to that and then blame you? There are literally hundreds of security flaws in those older browsers that malware authors can take advantage of. Here is what Andrew Codrington thinks about SGC SSL Certificates:
Enabling Server Gated Crypto on your web servers is tantamount to aiding and abetting cyber criminals.
Wow! Why such harshness against SGC certificates? He explains:
The bad guys are able to install software on those older, unpatched systems that lives inside the browser or inside the operating system. That malicious software can log keystrokes or view submitted information before it is encrypted by SSL. The rogue software can then submit the collected information to a central place for aggregation and collection by the criminal group.
If you haven’t heard of botnets yet, that’s what we’re talking about here. They’re not new - if you’re a details person this three year old paper on botnets is a good introduction to the topic. Shadowserver Foundation has some interesting stats on bot counts and locations – today they’re showing ~110,000 infected systems. These are only the ones that are actively being controlled by a command and control server, and obviously they’re only the ones that they know of.
By requiring users to upgrade their browsers to one that supports 128-bit encryption without SGC SSL Certificates (Internet Explorer 5.0.1 SP1 and later), you will not only be better protecting your vistors from attacks on your own site, but you will be helping them protect themselves from attacks on all other websites. Certainly, that is worth more than what you receive from allowing users to believe they are secure when they really aren't?
Considering PayPal's recent harsh treatment of older browsers, we should all reconsider how much old, insecure technology we should allow.The choice is up to you, but we highly recommend that you Say No To SSL SGC Certificates.
Entrust has written an article including many of these same points in The Myth of Server-Gated Cryptography (SGC).
Originally posted on Sun Apr 20, 2008