Certificates of Authority: Do you really understand how SSL / TLS works?

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
and in this video You're Gonna explain not just this because this is like a cool tip to start with but you're also going to explain why certificates are so important for basically the whole internet right so so a few months ago you did a video with a uh and tester uh that goes by the the handle Corey Corgi on Victoria Corgi on Twitter yeah um and and she actually set up a fake davidbomble.com website by essentially stealing the HTML content of David bomble.com and she set up another site called david.com but there's a way to track to see how long a domain has owned a particular certificate the security used in sltls is the only security that exists which is to say whatever happens to the SL World some variation of what we're doing now is going to continue happening in the future so if you understand the world of SL now you'll definitely understand what's happening in the future and so our security [Music] hey everyone it's David Bumble back with Ed Ed welcome hi David good to be here again it's great to have you back on our previous video If you haven't seen it Ed explained the TLs handshake and went into a lot of detail about you know how TLS Works Ed what are we going to be talking about today so today we are going to talk about SSL certificates um it's the thing that every website gives you every time you visit a website securely and it's kind of the heart of security on the Internet it's really important isn't it because I mean these days I think there's a website out there that like shames websites that don't have certificates or HCG yes but like everything these days is basically https which is all reliant on certificates right absolutely it's crazy to think right it's it's you know this website gives you this certificate and and magically everything is safe afterwards everything is like protected and secure so uh today we're gonna get into what is actually in this certificate that makes it so that you can trust the connection or trust the website or you know put in your password or bank account number and all that fun stuff Corey who's known as Corgi on Twitter did a phishing campaign and showed us how easy it is to you know fish for people's details and so what she did she's poofed my website made a copy of it um and Ed I'm hoping you're going to show us a way you know to see that that was a dodgy website versus like the real website so um absolutely yeah she basically made the website look exactly the same she grabbed all the content from the the current website made the spoofed website and the idea was to grab people's credentials when they're logged into the spoof spoofed website as if they were logging into my website to show the point that you know if they if someone spoofs a corporate website they could grab users details yeah absolutely and the benefit of the certificate transparency thing is that every certificate every ever generated exists in this registry so you can search that registry to see how long a particular site has had a certificate now it isn't a foolproof way to protect yourself against phishing but it's one of the many things you can check to validate whether a domain seems legitimate or not so one of the registries is available for searching at crt.sh you can put in a domain name and see how many certificates have been generated for that domain name so if you put in davidbomble.com we would get something that looks like this notice courses.david.bombel.com star the wildcarddavidbible.com as well uh but what I want to point you to is is notice the these dates over here davidbomble.com has had certificates that go all the way back down from 2017 or so since probably since certificate transparency first started so you can tell there's some history to davidbomble.com but if I put in the site that Corey had purchased David Dash bumble.com you'll see something somewhat suspicious notice before uh what is that may of 2022 that domain never existed so if you're out there on the web and you receive an interesting email and one way of validating whether the links seem legitimate this is a good way of doing it type it into scrt.sh and see how long a certificate has existed for that particular domain uh that should tell you it should allow you to detect how long a domain has been in existence yeah so like Twitter dot com is going to be around for a long time but if it was tw1 ttr.com or something it would uh it would tell us that this was a was a dodgy domain right if someone from a proof some from a commonly known site like Twitter sends you an email saying hey click this link but it's a domain that has only existed for the last month you should be very suspicious because likely they're they're spending up something yeah because I mean the the problem is um and I think you're going to talk about this in this video right that there's nothing stopping someone registering a domain like Corey did and then getting a certificate for that domain especially with let's encrypt like pushing the whole encryption thing right absolutely and they've created really cool tools like certbot and the like to automatically get a certificate for your domain and those things are awesome for what they've done to security and internet but it does mean anybody can purchase any domain and also get an SL certificate for that domain yeah so one of the ways to determine if it's valid or not is to see how long it's been around right Ed in this video you're going to explain not just this because this is like a cool tip to start with but you're also going to explain why certificates are so important for basically the whole internet right oh yeah absolutely this is uh essentially the ID card of the internet when uh when you go to a website the website gives you this ID card gives you the certificate and says hey you can trust me I'm really you know twitter.com or davidbama.com and if that got compromised basically I think you've said that every banking website out there every basically the internet just crashes right no absolutely I mean then anybody anybody could pretend to be anybody so if a certificate Authority gets compromised the problems are really really bad and for the real world is it important for me to know this stuff because like now this is a long interview so give us a you know why would I care about this stuff from like like the real world like deployment of the stuff yeah absolutely so uh and so this is kind of where we have to differentiate are you just a consumer of the internet or are you actually involved in securing or troubleshooting the internet itself so if you're just a consumer then in theory we should build the internet in a way where it's magically secure and you don't necessarily know about it so most consumers don't really need to know other anything other than looking for the little padlock on their browser however if you consider yourself in Tech if you work with a cell if you deploy a cell if you troubles troubleshoot SSL if you build apis that involve secure communication or secure requests then knowing what's happening behind the scenes uh can save you a lot of Heartache in the future when inevitably something goes wrong moreover if you work in cyber security and you might use some of these things to spoof or purchase certificates what you need to know how certificates work so you can know how you can abuse them so for everyone watching please put comments below stuff that you'd want to see it is sort of like the genius I've in my opinion when it comes to like certificates and SSL and all this stuff you know no one better than him to explain this to us so hey take it away let us let's get into what certificates are you know why they're important I think you've kind of covered that briefly already uh take us on this journey you know about certificate okay so here we have a website open we've got uh Twitter open right here um this is my Twitter profile follow me and all that fun stuff but what we want to look at is this little padlock right over here to take a look at the certificate that twitter.com is presenting when I go to Twitter so if I click on this chrome is telling me cool we're secure that's good that's a good sign uh what I want to do is Click into that and then notice here it's telling me that the certificate is valid also a good sign but if I click into that here we can actually see contents of the certificate itself now Chrome almost show you kind of the highlights right over here but there's more to a certificate than just what we see here if I wanted to see the full certificate I could go into details Tab and actually look at not only this the certificate for twitter.com but also the certificate Authority certificates that also are provided in the what's known as the certificate chain for twitter.com and you'll see inside the certificate there's a bunch of these fields and we're about to step through what each of these fields actually mean we could do this by looking at the fields in this view right here with what Chrome shows us but rather than do it that way I'd rather look at it on the command line so that it's something you can use in the future for troubleshooting SSL or anything like that and before we get into the like the details um like getting into the command line and stuff can you just give us like the quick overview of like what is a certificate what is a CA because it says that digity sorry Digi cert Global root CA um and because like I'm just thinking if I connect to a website how do I know that well how do I know this is a valid certificate like that kind of stuff sure great question uh let's talk about it so when you're using Chrome you're acting as an SSL client I'm going to label that as a c and you're connecting to a website in this case twitter.com uh and that's acting like the SSL server I'll call that the yes the server is presenting a certificate to say hey I'm really twitter.com you can trust me the question is where did that certificate come from in the world of SSL that certificate came from what's known as a certificate Authority the certificate authorities like the entity that's in charge of assigning certificates much like uh you know dnp would be assigning driver's license when you go to get a driver's license they're they're the people that that give you the official state or or you know sponsored driver's license that says you're allowed to drive or you know this is your identity and all that fun stuff that's essentially what a certificate is on the web uh it is given by a certificate Authority and there's a bunch that exists digicert over here is one of one of the many certificates that exists but there's Komodo there's satigo there's GoDaddy there's slew of others that exist bear sign thought et cetera et cetera let's encrypt is another very popular certificate Authority they're in charge of actually creating these certificates and giving them to the server who can then give them to me to prove who they are in the world of SSL the thought is how do you actually trust the certificate Authority right who is digicert who is Komodo who is sectigo well in the case of Chrome or Windows or Mac the operating systems themselves have a bunch of certificate authorities that they already know and that they already trust that that's known in in the root certificate store but you can look it up on every site on every uh local I forget the exact directory where they all exist but there's a bunch of certificates that are already marked on the client as trusted and what happens is if the client trusts the certificate Authority because Chrome has already made that decision or Windows has already made that decision or Mac has already made that decision then when the certificate is presented to the client that says it was issued by a particularly trusted CA that allows the client to now trust the server as well so they call call this a chain of uh sorry they call this um oh my gosh you can't think of the word but it's essentially because we trust the ca we can also trust the server that's giving us this certificate for twitter.com yeah so the the analogy I think that I've always heard years and years and years ago you used the example of the um what's the DMV in the U.S um the the other one would be like the the government if I came to the U.S uh to to come and visit like travel let's say I'm going to see you at Cisco live or like uh in Las Vegas at some conference um they're going to have to let me in through the the Border I present my passport the US government trusts the UK government um and I'm the U.S sorry the UK government is saying that I am who I say I am and in the same way that's what the ca is doing right it's like basically a entity that I trust and then when you present me your details I trust you because I trust them is that kind of right right absolutely absolutely that's exactly the purpose of the ca is to give out the ID card or the passport or however however you want to call it so the clients like Chrome or the the operating systems like Windows or Mac or whatever they are shipped with a list of root certificates which is the like the verisigns and the these these Cas that we trust right right absolutely uh so as the class as the user you typically don't have to make that decision they tried to build SSL so that the the individual user doesn't really have to know anything special that's going on right they just show up and they browse to twitter.com and somehow magically all this stuff happened in the background uh to make it safe or whatever so as the user you typically don't have to know who you trust or make decisions upon which certificate authorities you trust uh that's left to the uh the professionals or the companies or Windows or Microsoft or Mac or apple Etc et cetera to make the decisions about which Cas are acting ethically insofar as giving out certificates or not so the in theory if you trust Microsoft if you trust Apple you can trust specific authorities that they also trust and that's where the revoked certificates we'll talk about that in a separate video because some times compromise right and then they get back by the operating system or whoever yeah absolutely and sorry to take you on that tangent but that's brilliant did you want to cover anything else before we get into like the nitty-gritty yeah absolutely so since since we have this neat little little layout uh or image we can actually introduce another concept on a certificate chain so if you notice down here this is the certificate for twitter.com that's actually you know Illustrated right right there but you'll notice we sort of had what looks like two additional certificates in a hierarchy that were provided along with the certificate for twitter.com so I told you that the ca certificate that's already pre-trusted exists inside the client already so it's in your web browser it's in your operating system and so on what that means is that if something bad happens to the ca if some somehow that CA gets compromised their private key gets leaked or whatever the case we now have to change software and change files on every client in the world that's every computer every smartphone every tablet every smart watch every smart toaster all these clients that might be making looking at SSL connections if something happens to the ca the whole system essentially uh falls apart so to alleviate that instead of having the certificate authorities directly creating certificates what happens is the certificate Authority is going to delegate certificate signing uh privileges to what I'm going to call icas or intermediate certificate authorities and then those icas can also delegate to other intermediate certificate authorities and then these icas are the ones that actually provide the certificates for the end users right I should say for the servers and websites that are trying to attain certificates to identify who they are and that's actually what you see over here so at twitter.com has a certificate that they gave me but twitter.com certificate was signed by this intermediate certificate Authority and this intermediate certificate Authority was assigned by this intermediate certificate Authority and then this guy will have been signed by what's known as a root CA that's going to be the the ca at the top in fact actually you can kind of see right here it's indicate that that is the root CA so this is a chain of three so we had potentially this certificate and then maybe this guy and then this guy so how this organization happens of these intermediate Cas it's somewhat arbitrary every every certificate Authority company can organize it however they want but I say that to say that there's going to be more than just the servers SSL certificate involved anytime you're connecting via SSL but I mean it's all transparent to me as the user it just magically happens correct correct all you get is this little padlock and you're like oh sweet I got the padlock I'm happy this this must be trusted it is it I know you wanted to talk about like CLI and get more into the nitty-gritty um can you show us more than just what you show on this show us on the screen there like through a GUI yeah absolutely so this same certificate that we just looked at in Chrome uh we can actually download that certificate using a Linux utility known as opensl and then once we download that as that the certificate we can then inspect it uh to a little bit greater detail than we can see right here in Chrome and that's what I'd like to do next so the command we're going to use is just a standard standard Linux box I'm using Ubuntu over here but what I'm going to do is I'm going to tell Linux to act like an SSL client meaning act like a like a web browser or something like that and connect to a website and give me the certificate for a particular website so the command to use open SSL and I'm going to say act like an SSL client this is kind of the sub command of the opensl utility and I'm going to say connect to in this case twitter.com on Port 443. now once I hit enter it's actually going to make an SSL connection to twitter.com on Port 443 and at this point it's everything I type in to my terminal is actually being sent to twitter.com at this point it's actually like if I did a telnet on Port 80 to a HTTP web server I can actually do get slash index.html we can call this a A1 HTTP 1.0 request twitter.com is the host and I can actually get the web page like if I had gone to telnet to Port 80. but all this is now being done within an SSL connection that's kind of a side bonus thing what we're actually most interested in is the certificate so if I do that one more time but I'll just quit out of that this is everything that happened after I typed in that command you'll notice I connected it gave me some certificates this is the chain but the part that's most interesting is all of this all of this is Twitter's certificate in the format that it's done in file format if you will and what I'm going to do is I'm going to take all that and simply put it into a text file so I've just copied it there's nothing currently in my directory I'm going to call this twitter.com search and I'm simply going to copy and paste that into this file now I've got a file called twitter.com search I can cut it out oops I can cut it out so you can see that's exactly what I just copied and pasted but inside all of this is everything you see here that Twitter gave me when I browse to it using Chrome now of course you and I can't actually read the fields of this this is a base64 encoded this is what's called a pen formatted certificate to read the content inside what we are going to do is use another opensl utility called the x509 utility I'm going to say I want to feed into this utility the Twitter file the Twitter certificate file we just created I don't want the output but I do want the text version of that file and now you'll see something that is much more recognizable for you and I to read and talk through and you'll notice version here serial here that's the same stuff you see over here on the left side of the screen which show the content of the certificate the only difference is Chrome is showing it to us in this kind of pretty little GUI method whereas we're doing this to troubleshoot we want to see it much more thoroughly we could call it with open SLX button so that's the the first thing that I want to show was kind of how to extract a certificate using the command line but now let's actually start talking through the content of the certificate so now that we've showed you how to look at a certificate in this uh using the command line using openssl we're going to actually start talking through what each of the fields are which make you know make security possible on the internet the first one we'll look at is right over here the version so this version number doesn't necessarily relate to the version of SSL you're using this actually relates to the version of the certificate file format itself in this case we're using an SL version 3 certificate I should say an x509 version 3 certificate that's just the the name of the spec the specification that defines what is inside a certificate three is the only one you'll see in in the Modern Age the benefit of a version three certificate is that it allowed or enabled the addition of extensions that we'll look at down here in a minute the older version of the certificate version 2 and version one didn't have extensions so they're Limited in what and what they can provide then you have a serial number and you'll notice that the serial number also exists right over here in fact there's the version number and there's the serial number so it's the exact same serial number oh sorry we're looking at the uh the wrong certificate so if I go down to Twitter here's the version and here is the exact same serial number that's better so notice it ends in ffac same thing over here this serial number is a unique number that identifies this particular certificate uniquely from any other certificate issued by the intermediate certificate Authority above it so it isn't Global unique there might be other certificates that have the same serial number but this serial number will is the only serial number for a certificate that's assigned by this issuer this particular intermediate certificate Authority that's this guy in here digiser TLS RSA shots 56 2020 saw ca1 rather the person that created the certificate is identified in this issuer field that's what you see in here that's actually what Chrome is showing you uh this is the text actually that Chrome is showing you right over here that's identifying what ICA created the certificate and then the signature algorithm is showing you what algorithm was used to sign this particular certificate every certificate is signed by the ca that created it and this is what uh assures that the content of the certificate is legitimate without that signature there's no way for us to trust all this stuff that we're looking at over here right because at the end of the day this is just text text in a file right but that signature is what says no you can trust this particular text so just for everyone watching Ed and I covered well Ed did all the hard work I mean he it spoke about like public and private keys and all that stuff in our previous video which I've linked below absolutely and I I've got some videos specifically talking about how signatures work and I can make sure that the links for those will exist as well um that's great that's on your channel right uh those are yeah those are my channel yeah yeah let's all add those below so if you want to go I mean it's got a whole bunch of content on his channel so go and subscribe um go and have a look at that content if you want more details I'll put the links below sweet thank you okay so let's continue so that that was the issue this identifies what CA created this certificate and then right in here you get these validity dates this tells you how long before the certificate expires notice that it also it has a not after date so this certificate is not good after this date January 9 2023 but it also has a not before date meaning the certificate isn't valid until January 10 2022. so it isn't just it expires at some time in the future there's also it doesn't the certificate is not good before this particular date so it's an exact specific year in this case year but this certificate is good form and then in here this subject is what it identifies who the certificate is will say affirming the identity for in this case it's twitter.com if you go over here the common name designation over here says this is twitter.com so this certificate given to me by twitter.com proves that it is really twitter.com you'll notice we just pulled a certificate out of nowhere using a few commands so there's really nothing stopping me from setting up another server and taking this exact same certificate and giving it to somebody else and be like oh no I'm really twitter.com so just presenting the certificate is not the full story additional information needs to be done within the TLs handshake to actually prove that I am the real owner of that certificate or my case that I'm not the real owner that's certificate and David and I actually covered the full depth of that TLS handshake in another video earlier this year I can't remember when we did it but we'll make sure the link to that exists in the description as well it's interesting the certificates are only valid for a year is that because it's like passwords where you want to change them on a regular basis so that they it's more difficult to compromise right yeah absolutely so every certificate really when we say twitter.com is is twitter.com what we're really saying is whoever owns the private key that correlates to the public key in this certificate is twitter.com the proof that twitter.com has to provide to make sure that they really are twitter.com is to give me something that proves that they actually own the private key that correlates to this public key now just like with any password out there the longer it's out there the more time there is for it to be compromised so if I have a public key in the certificate and it existed for you know 20 years the risk of it becoming compromises increases so every year a certificate is generated often that also means a new public and private key is also generated as well although it doesn't have to be cool and actually it's a perfect lead into what's next you'll notice the next piece of information inside the certificate is a public key now in this case Twitter is using RSA public and private Keys that's what you see over here RSA is one of the asymmetric encryption algorithms that allows for what's called signatures uh in in RSA sort of the the asymmetric encryption algorithm that everybody thinks of when they're defining asymmetric encryption uh but there's other algorithms that also exist DSA is the other signature algorithm which literally stands for digital signature algorithm but you'll see certificates that also exist that have been signed with DSA certificates or DSA Keys rather or more commonly elliptic curve DSA keys but in this case it's RSA yeah and so the this particular section of the certificate includes the public key the RSA public key which is both of these values both a modulus value and an exponent value both of those values make up what is known as an RSA public key uh now I have another video that goes into the depth of RSA and the math and actually does does the RSA key exchange sorry does the RSA key generation and encryption and decryption process together uh we'll make sure there's a link to that if people are interested in understanding the real depth of how RSA really works but for our purposes just know that it is a public it is an asymmetric encryption algorithm so it's just a public key and a private key and what you do with a public key can be verified or undone with the private key and vice versa so Twitter as the private key that correlates to this public key and there's no way to extract the private key from this public key no way known currently if you know of a way let me know we can go into business together we can make one exactly yeah because I mean the whole internet relies on this if this is compromised oh yeah every every website out there is is stuffed basically oh yeah to put it politely yeah yeah and and Beyond not just website right every banking system almost every blockchain almost anything we rely on digital security is is out the window so people have tried to reliably extract private keys from these public values and so it's a difficult problem to solve or at least it's a problem that can be solved if you have thousands of years of computing time which is essentially what we're betting our security World on is that you don't have thousands of years of computing time it's going to be interesting I had a lot of comments on my Channel about Quantum Computing so it'll be interesting to see what happens when that comes around yeah absolutely that's crazy because because Quantum Computing they've been talking about it for such a long time that I don't know if it's if it's like uh you know the boy who cried wolf like I've heard about like Quantum is going to destroy everything probably for the last 15 years so uh and every year I'm like oh we're closer than ever it's like well yeah that's how time works of course we're closer than ever but um that's a good comment yeah if there's interest I'd be happy to come back and do a deeper look at these like RSA and diffie-hellman which are like the the penultimate protocols which which the underpin all of security on the internet I'd be happy to do that if that's that's interesting to to you or your audience David yeah let us know in the comments you know um it can go deep deep deep deep how deep you want to go do you want us to go so you know let us know in the comments good stuff okay cool so that's the public key uh and then we have a bunch of these extensions I had mentioned that these extensions only exist in version three certificate that's why you've got B3 right over there what happened is when they first created the format for what is inside a certificate they had version one uh and then they were like oh we could do this inside of certificates then they created version two and then when they're like oh we could also do this inside a certificate they added version three and they're like we're done recreating these versions let's just find a way to make it extensible and modular going forward hence uh extensions to certificates so that's what we're probably not going to see a x509 version 4 ever because any additional features we want to add to certificates we can just add as an extension okay so let's start talking through these so these first two they're sort of related The Authority key identifier and the subject key identifier all they are is a hash of the actual public and private keys that are associated to this certificate and the certificate of the intermediate certificate Authority which also has a set you know their own independent public and private keys so all that is is a hash of those keys so that we can track which keys are used across which certificates over time I told you earlier when David asked about certificates expiring and do they get new keys they don't always get new keys and one way you can see that is by looking at this hash which is going to correlate to a specific set of public and private Keys then you get this extension the subject alternative name extension or the or what's called San San uh what this does is it allows a single certificate to protect more than one domain so obviously this is going to protect twitter.com but it'll also protect www.twitter.com so this will allows us one certificate to protect both of those now you'll sometimes come across what's known as a wild card certificate a wild card certificate is a certificate that's that has a wild card so if I were to show it to you if in this sand section we had something like this that would be what's called a wild card certificate this wild card indicates this particular certificate can protect or vouch for any subdomain of twitter.com it would protect something like uh you know mail.twitter twitter.com it would protect something like images.twitter.com uh and so on but it would not protect twitter.com because this indicates that there has to be a subdomain so it would not protect twitter.com and it would also not protect something like us dot mail.witter.com because this has two subdomains from twitter.com whereas this is indicating only one subdomain as a wild card so in this case Twitter is not using a Walt card certificate so you don't see this star but you would see the star pretty often in a lot of other certificates as well and that's known as a wild card certificate yeah otherwise it becomes a nightmare to do subdomains like you've shown right right absolutely cool uh all right so these next two are also sort of related uh they put limits on what you can use this certificate or the keys in this certificate for uh there was a time in the world of a cell before this extension existed where any certificate you had could be used for any purpose you might have so uh we're obviously using the certificate for the purpose of of uh visiting websites you know https and SL as a web server and as a ASL client but you can also use these certificates in email you can also use these certificates in code signing so there's lots of other uses for the certificates as well and what this extension is doing is is it's limiting what uses can exist for this particular certificate so here we're saying this certificate can only be used essentially on the web as a web server or a web client within a TLS engine check and then these in here indicate that we can use the keys in the certificate to do signing and we can use these keys to do what's called key and cipherment what that means is use the keys in the certificate to do a key exchange so I told you earlier that the public and private keys are asymmetric keys but you can use those asymmetric keys to exchange symmetric keys and that is an approved usage according to the uh this extension right here which then brings us to this guy over here so certificates it's it's just like an ID card right so if I have a certificate an ID card that says I am Ed and I'm the certain age I can present that's that ID card at a store and say you know buy buy alcohol or something like that but if I lose that ID card I have to go and get a new ID card but that old ID card still works it's it's still a perfectly valid ID card so someone could find it and pretend to be me pretend to be me buy alcohol by whatever they'd want well it's the same way with certificates earlier we showed you this certificate expired if I scroll back up in 2023 in January 2023 but if something happens to the certificate if the private Keys get compromised Twitter in theory is going to generate new certificates with new private keys but this is still a perfectly valid certificate and in theory I could still use the certificate if I was the one who compromised Twitter's Keys uh and impersonate Twitter until January 9th of 2023 unless Twitter does what's called revoking a certificate and that's what's going on in here so certificate revocation there's two ways to do it the old way is to use what's known as a crl crl stands for certificate revocation list and essentially it's a list of certificates that have been revoked by this particular certificate Authority what happens is when my browser downloads this certificate it also downloads the crl and it checks against the crl to see if this certificate has been revoked so we can actually do that manually if that's something that would be interesting but it's a neat neat process of seeing how the browser makes sure that the certificate that they got is still valid but I mean that's that's as a user all I'm going to see is the padlock is not valid right right in fact I can show you what it looks like real quick what it looks like when you go so there's this cool site datascell.com that has a bunch of uh websites and certificates that are intentionally broken in some way or another and you can use this site to kind of test to see what your browser does and you'll notice one of them is a site that indicates this is a revoked site so if I click on this I'm going to go to our website that is using a certificate that is revoked and hopefully in this case luckily Chrome did notice that it's revoked and was like hey we can't we can't take you to this certificate we can't take it to its website because the certificate is revoked so Chrome did the right thing and protected me the user that doesn't know any better but we can actually go through the revocation uh check ourselves manually if that's something that would be interested we could look at the actual crl to see all the stuff that is is revoked so Ado it says the wrong host so if we click on that that should tell us that we're not going to Twitter but we're going to some dodgy website right correct essentially what happened is we went to a site wronghost.batsl.com whose subject or subject alternative name didn't match what we typed in so this site mismatched the certificate that I was presented didn't include wrong.host.battistell.com so if someone does it like creates a phishing website and the um it's like Twitter but the I is like a one or something right or an l and it's slightly spelled wrong that'll that'll warn me that there's a problem it'll tell you what you typed into the browser didn't match the certificate that was given absolutely so you can see there's there's a lot of things that can kind of go wrong that your browser is checking and hopefully checking transparently to you to make sure everything is is on the up and up uh and if there's interest I'd be happy to go through a bunch of these talk through what's happening what your browser is doing and even checking manually so we can verify it ourselves if we're ever in a situation where we have to troubleshoot or figure out what's really going on I'd be happy to do that as well so if you go to that crl URL in the certificate does it just show you is there anything we can see there or is it like just like code sorry on your on your on your on your CLI interface oh yeah absolutely absolutely so we can do it real quick so if I go to wronghost.com this is what Chrome is showing me uh but we can actually pull this in uh and I'll just go ahead and use the same thing so uh what I did to download the certificate initially was open SLS client connect to the website on Port 443 let's type this correctly that gave me the certificate that's this guy right in here and I can take that and we called it wrong.host .sl.com cert I'll simply paste that certificate into this text file and then we'll take a look open SLX 509 mean wrong no out text we can see that the certificate itself I'm not seeing a sand I'm not seeing a a subject alternative name but if we look at the subject field there's the issuer there's a subject you'll notice this subject was actually a wild card certificate which we were talking about earlier or star.badscel.com and this actually perfectly ties into what we were discussing earlier about how star.twitter.com doesn't protect us.mail.twitter.com because there's two subdomains here whereas the star only protects one subdomain and so what happens when we went to this website that had two subdomains dot badassell.com the certificate that was presented doesn't match what we typed into the web browser and so Chrome aired out like hey this is a problem be careful uh and yeah and as you can see there's a lot of things that can go wrong in the SSL world that that your browser is checking for and whatnot so if there's interest we could definitely do a deep dive on some of the cool stuff that's happening at batasl.com really cool site for learning SSL and training and whatnot so I definitely uh appreciate the owners of the people that maintain this on GitHub okay so let's go back to the Twitter certificate which was way up here uh so where we left off was right over here and so again this is the the process by which a certificate's validity is checked even though it might not have actually expired so again this is the crl process the certificate replication list now I should mention that this is what was called the old way of checking the revocation status certificate the new way is called ocsb and you actually see this linked over here that stands for online certificate status protocol so there's a much more efficient way of checking whether certificate is good or not and we can definitely do a deep dive into revocation as another video If there's interest in that okay so if we continue then over here we have the certificate policies and all this is is a an ID number that refers to the type of certificate this is there are three types of certificates there's uh there's DV that's domain validation certificates which is a certificate that only validates that you own a particular domain so anybody that's purchased a domain can get one of those uh there's OV certificates which verify you are an actual organization uh and then that stands for organization validation certificate and then there's EV certificates which stand for extended validation which indicate a lot more but is mostly Marketing in a way for stupid authorities to charge you more money they don't do anything more than an OB certificate does in reality I do want to mention right so DV certificates only prove that whoever bought the domain uh also purchased the SL certificate uh that does mean there is potential for someone to buy a spoof domain to also acquire an SL certificate because they actually bought the spoof domain for instance if I actually bought Twitter but spelled with a one instead of an I that could absolutely be a real domain maybe.com or something like that if I bought that I could totally get a certificate for you know tw1 tour.com I could get a domain validation but I couldn't get an organization validation certificate because I don't actually own a company known as tw1tter.com uh that'll come up in a bit so so a few months ago you did a video with a uh pen tester uh that goes by the the handle Corey Corgi on Twitter yeah um and and she actually set up a fake davidbomble.com website by uh essentially stealing the HTML content of davidbomble.com and she set up another site called David Dash bumble.com that looked perfectly legitimate because it took the HTML from actual davidbama.com she bought the domain David Dash bomba.com which allowed her to buy an actual SL certificate or David Dash bumble.com but there's a way to track to see how long a domain has owned a particular certificate which is one thing you can do when you're just trying you know using the web and protecting yourself against proof attacks like this and I'll show that to you in a moment that actually ties into this section over here but just for the second of stepping through it uh you yeah we'll get there something cool so that takes care of this next we have the authority information access section uh this is information about The Authority or the certificate Authority here is uh ocsb so as I mentioned this is one way of doing certificate revocation checks ocsp is another way it's a much more efficient and streamlined way it's a way where you can pull the ca directly and ask specifically about a single certificate rather than this mechanism which was which involved downloading a list of every certificate that's been revoked and checking for this certificate within that list this is a much more efficient way of doing it and this is the the URL for the ocsp responder that's going to provide those responses and then over here this is a link to download the the certificate authorities certificate just like this website twitter.com has a certificate the certificate Authority also has a certificate and that's where you could download it finally here we have the basic constraints field what this is doing doing is it's telling you whether this particular certificate can be used to sign other certificates just like a certificate Authority so again signing only involves a set of public and private keys and as we showed you earlier Twitter has a set of public and private keys so really there's nothing stopping Twitter from using those public and private keys to sign other certificates however this section of Twitter certificate indicates that they that whatever Twitter signs insofar as other certificates shouldn't be trusted there's a attack that existed called The False chain attack where anybody that had a certificate with a approved set of public and private Keys could then create any amount of certificates and sign them themselves for any other website so Twitter could make a certificate for paypal.com or microsoft.com or ticktalk.com or something like that and since they have a good set of public and private Keys the browser would trust the certificate they created for the other website this field is what kind of protected prevents that from happening the basic constraints field which then brings us to this section over here now there's a lot going on in this section uh this section is known as the certificate transparency section but it's actually a pretty cool system that's uh pretty new to sltls I think this kind of established itself in the last like two two to four years I would say but certificate transparency that's what the CT stands for involves uh requiring that every certificate generated at all exists in some sort of public registry that anybody can then search for and then browsers when they receive a certificate from a uh from a website what they're going to do is make sure that the certificate includes one of these what's called scts one or more of these scts or signed certificate timestamps what these are is essentially proof that a particular certificate has been uploaded to a public registry right in this case Twitter certificate has been uploaded to three different registries now why that's important is even if you do everything right for instance if you own a website call davidbomble.com and you do everything right you use the right certificates you use the right Keys you use the right everything there's nothing stopping somebody else from creating another website and buying a certificate for David Dash bumble.com but the benefit is if every certificate must be in a public registry somewhere you can occasionally do searches to see if anybody is generating certificates weirdly in your name that's what certificate transparency allows so that's certificate transparency and that's some of the benefits that certificate transparency allows for is that there's now a public registry of every certificate ever provided ever generated by any certificate Authority ever or at least since 2017 whenever all this started um so that's what is going on here with all these pre-certificate signed certificate timestamps which brings us to the end of the certificate all we have here is again a confirmation of the signature algorithm that was used to sign the certificate and then all of this is the actual signature that allows the browser to trust the certificate we just want went through this right here is the result of the the certificate Authority taking their RSA key and encrypting a sha-256 hash of the content of the certificate the output of that is put right over here and that is what's actually validating that this is a legitimate certificate Chrome can trust the contents of and whenever we talk it just it's like lay is in an onion you just go deeper and deeper and deeper so where can people learn more about this um I you've got YouTube I believe you've got a like a crazy detailed course is that right could you just give us you know details where people can get more information yeah as you said there's so many layers to all this so much happens to the magic of that little padlock that appears so um where I'd coin people two is is uh I have a module on my YouTube channel called the cryptography of SSL and it shows you all the cryptography that works behind the scenes to make a lot of this possible and then if you really really want to go deep into the world of SSL and TLS I have a full deep dive course on TLS and SL called practical TLS and that's where where I pick apart everything that goes on in the TLs ecosystem we show you certificates you actually create your own certificate Authority you issue your own certificates you compromise uh you'd rather we show you how you can decrypt SSL we show you how you can extract the keys or where you need to extract the keys to decrypt us so we go through the full depth of SEO and TLS so if you're interested in that the course is called practical TLS and David I believe you'll have a link for folks in the description and I really want to thank you for giving us a discount so if you use the link below it's been kind enough to give us a discount out full full transparency I will get an affiliate fee if you use that so if you want to buy the course with my link below to support me and Ed then thanks very much but otherwise just go straight to Ed's website and buy the course Ed any other closing thoughts about why this is important for people in in the in the in like networking or security around the networking folks most people connect to their sites using NSL VPN and that's using the exact same technology that happens to secure when you're browsing to some website using SSL or TLS from the security folks the security used in sltls is the only security that exists which is to say whatever happens to the SSL World some variation of what we're doing now is going to continue happening in the future whether that is TLS 1.2 which is what most people use for SL now or TLS 1.3 which is the new version of TLS that just came out or TLS version 2.0 3.0 or whatever happens in the Future No Matter What it's still going to use the fundamental cryptographic tools that are used currently so if you understand the world of SL now you'll definitely understand what's happening in the future in so far Security Plus these Technologies are what underpin things like blockchain and things like all sorts of data structure cryptographic data structures which are becoming more and more mainstream these days good thanks so much I really appreciate you sharing so much of your knowledge thanks for sure this was a blast David had a good time thank you [Music]
Info
Channel: David Bombal
Views: 115,900
Rating: undefined out of 5
Keywords: tls, ssl, tls tunnel, tls handshake, tls garage, tlsp, tls explained, tlsp live, tls tunnel vpn free internet, tls protocol, tls handshake explained, tls 1.3, TLS, Transport Layer Security, Handshake, TLS Handshake, Crypto, Cryptography, security, wireshark, wireshark tutorial, wireshark packet analysis, tls decryption, tls decryption wireshark, tls 1.3 decryption, tls decryption palo alto, ca, cert, certificate, certificate of authority, twitter
Id: VcV4T8cL3xw
Channel Id: undefined
Length: 46min 2sec (2762 seconds)
Published: Sun Nov 20 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.