Blogger Roman Poroshyn recently posted commentary pointing out that code signing certificates can be stolen (as illustrated by the Stuxnet attack) and that he expects the syndrome of stolen certificates to continue in 2011. Roman writes,
Stuxnet has made it painfully clear that a virtual identity can be stolen. Authorities issuing digital certificates are unable to prevent that and their response is always delayed, because it is based on reports from computer security companies.
The good news is that a well-developed code signing paradigm exists that can greatly improve our ability to defend against certificate theft. It's called Authenticated Content Signing, or ACS. In the ACS model a developer isn't handed a certificate but rather is given an account in a code signing portal (accessible manually or through an API). The developer uses the portal to sign individual code blobs, and each blob is a unique signing event. Each signing event is time stamped, recorded in the portal, and, from a public-key perspective, its own isolated occurrence. Since each and every signing event is unique, any piece of code can be revoked at any time by the developer or the CA without affecting any other piece of code. There are many advantages to this model:
- There are no more certificates to steal. Portals can be protected with strong authentication practices such as one-time passwords (OTP) or client certificates.
- Developers can monitor exactly what signing events are occurring on their accounts. If unexpected events do occur, developers have the ability to discover and revoke them.
- Any signing event is revocable without affecting any other signing event. That means legitimate code does not have to be a casualty of removing untrustworthy or outdated code from the ecosystem.
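To make the mechanics concrete, here is an added Go sketch of the ACS model described above (my own illustration, not code from Roman's post or from any real signing portal). Each signing event gets a fresh key pair endorsed by the portal's single long-lived key, is logged with a timestamp, and can be revoked on its own; the ed25519 choice and all type and function names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"time"
)

// Event is one signing event: a one-off key pair endorsed by the portal, a signature over exactly one blob, and a timestamp.
type Event struct {
	ID        string // derived from the event public key, so unique per event
	Timestamp time.Time
	EventPub  ed25519.PublicKey
	Endorse   []byte // portal root signature over EventPub: binds the event to the portal
	Sig       []byte // event key's signature over the blob
}

// Portal holds the only long-lived key (never handed to the developer) plus the event log.
type Portal struct {
	priv    ed25519.PrivateKey
	Pub     ed25519.PublicKey
	log     map[string]*Event
	revoked map[string]bool
}

func NewPortal() *Portal {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Portal{priv: priv, Pub: pub, log: map[string]*Event{}, revoked: map[string]bool{}}
}

// Sign generates a fresh key for this blob alone; the private half goes out of scope after use.
func (p *Portal) Sign(blob []byte) *Event {
	evPub, evPriv, _ := ed25519.GenerateKey(rand.Reader)
	ev := &Event{ID: hex.EncodeToString(evPub[:8]), Timestamp: time.Now().UTC(), EventPub: evPub,
		Endorse: ed25519.Sign(p.priv, evPub), Sig: ed25519.Sign(evPriv, blob)}
	p.log[ev.ID] = ev
	return ev
}

// Revoke withdraws trust in one event; every other event in the log is unaffected.
func (p *Portal) Revoke(id string) { p.revoked[id] = true }

// Verify checks the chain: event logged and not revoked, portal endorsed the event key, that key signed this blob.
func (p *Portal) Verify(ev *Event, blob []byte) bool {
	if _, logged := p.log[ev.ID]; !logged || p.revoked[ev.ID] {
		return false
	}
	return ed25519.Verify(p.Pub, ev.EventPub, ev.Endorse) && ed25519.Verify(ev.EventPub, blob, ev.Sig)
}
```

A verifier that only held the portal's public key would still need the portal's log (or a published revocation feed) to learn about revoked events; that lookup is what replaces certificate revocation in this model.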
The ACS model is well established in the mobile phone market today and has been quite successful there. It is a proven model with strengths that can benefit code signing in all forms, and I for one would like to see the code signing market evolve to the point where ACS is the de facto standard.