It seems that with every passing week we discover new ways that digital encryption and security are being subverted by government agencies, domestic and foreign. It stands to reason that encryption can no longer be trusted if the master keys for that encryption become known to others. It's far, far easier to get the keys than it is to crack the encryption, after all.
If this is the case, and certificates signed by certification authorities are compromised from the top down, then there's simply no use in buying certificates any more. This should worry every CA out there. It should also worry every company that uses SSL to encrypt communications. No longer can any digital transaction be considered secure, nor any authentication data. If your single-sign-on Web app uses SSL provided by a CA, then all usernames and passwords must be considered compromised as well.
One of the major reasons that official certificates are purchased and used is to establish trust with the end user. For public sites that use SSL encryption, an official certificate demonstrates two things: the site has been authenticated by a trusted CA, and the site owner has purchased the certificate for use in encrypting traffic to the site.
A certificate backed by a CA and bearing the site's domain name serves both to encrypt the data and to cause the requesting browser or application to accept the certificate silently. Just about every browser and application that uses SSL encryption will throw a warning or an error if the certificate presented by a server is self-signed and cannot be traced back to a trusted certification authority, or does not match the requested domain.
This is a reasonable level of security, as it can prevent man-in-the-middle attacks, site redirections, and other nefarious schemes. Your data is encrypted, and you can trust that you're actually communicating with your bank, or VPN, or stock brokerage site, without anyone being able to peer into the data, or steal it. Your browser doesn't throw any warnings, and you get a nice little green box or lock icon in your browser assuring you that it's safe.
However, if the keys to the various CA kingdoms are out in the wild and can easily be used to decrypt communications, suddenly the opposite is true. While your browser might trust the certificate, that certificate no longer means anything. It offers no real protection at all.
That's where self-signed certificates come into play. With a self-signed certificate, your browser or application will throw that error and potentially make you jump through hoops to accept and use the certificate, but if you signed it, you know the keys aren't available anywhere else. You can also make the key modulus as large as you reasonably can, without impacting performance.
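The two behaviors described above, a client rejecting a certificate it cannot trace to a trusted anchor or whose name does not match, and a self-signed certificate with a deliberately large modulus that you pin as your own trust anchor, can be reproduced at the command line. The script below is an added example, not code from the InfoWorld article; it assumes OpenSSL 1.1.1 or later is on the PATH, and the host name `intranet.example` and the scratch directory are invented for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original article).
# Creates a self-signed certificate with a 4096-bit RSA key, then shows what
# a verifier does with it: rejected when no trust anchor is configured (what a
# browser sees), accepted when the certificate itself is pinned as the anchor,
# and rejected again when the requested host name does not match the SAN.
# Assumptions: OpenSSL 1.1.1+ on PATH; "intranet.example" is a made-up host.
set -e

HOST="intranet.example"
WORKDIR="$(mktemp -d)"
KEY="$WORKDIR/server.key"
CRT="$WORKDIR/server.crt"
trap 'rm -rf "$WORKDIR"' EXIT

# Key and certificate in one step. rsa:4096 is the "as large as you reasonably
# can" modulus; the subjectAltName entry is what modern clients match the
# host name against (the CN alone is no longer enough for browsers).
make_selfsigned() {
    openssl req -x509 -newkey rsa:4096 -nodes -sha256 -days 365 \
        -subj "/CN=$HOST" -addext "subjectAltName=DNS:$HOST" \
        -keyout "$KEY" -out "$CRT" >/dev/null 2>&1
}

# Modulus size in bits, read back from the certificate's public key so you can
# confirm what was actually issued rather than what was requested.
key_bits() {
    openssl x509 -in "$CRT" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# Verify the certificate for host name $1 against trust-anchor file $2, or
# against no anchor at all when $2 is empty. Prints OK or REJECTED.
# -no-CApath keeps the system CA directory out of the picture so the result
# depends only on the anchor we pass explicitly.
verify_cert() {
    if [ -n "$2" ]; then
        anchor="-CAfile $2"
    else
        anchor="-no-CAfile"
    fi
    if openssl verify -no-CApath $anchor -verify_hostname "$1" "$CRT" \
            >/dev/null 2>&1; then
        echo OK
    else
        echo REJECTED
    fi
}

make_selfsigned
echo "modulus bits:            $(key_bits)"
echo "no trust anchor:         $(verify_cert "$HOST" "")"
echo "pinned as anchor:        $(verify_cert "$HOST" "$CRT")"
echo "pinned, wrong host name: $(verify_cert "other.example" "$CRT")"
```

The first verification is the "jump through hoops" case: with nothing to chain to, the verifier reports a self-signed certificate and refuses it, exactly as a browser would. Distributing `server.crt` (never `server.key`) to your own clients and passing it as the anchor is the pinning step that turns that refusal into acceptance while keeping the private key entirely under your control; the last line shows that pinning does not relax the host-name check.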