X.509 is used in TLS and other encryption technologies, to authenticate a communication circuit's counterpart.

It's the standard that defines the infrastructure of certification authorities that browsers trust.

Read about it at Wikipedia:X.509.

X.509 as deployed in worldwide practice has several flaws, like for example how all web browsers in the world trust far too many not trustworthy certification authorities and sub-authorities.

Read more about the problems and about certificate pinning as a solution. Read about the Certificate Patrol and things like Communism.

Black sheep among certification authorities

Jamey Heary writes

At Black Hat ‘08 there was a great demonstration of how valid “internal testing only” FQDN certificates for URLs that you don’t control can be obtained by anyone asking. The one obtained by the researcher at Black Hat was for MSFT’s https://login.live.com site, he didn’t disclose the CA that issued it to him but it was one that was trusted in IE by default. Having these completely valid certificates allows a MITM attack to be staged without generating a browser security warning saying the certificate has issues.

and Abusing SSLVPNs (Michael Zusman)

Michael started his talk by detailing how he was able to purchase a certificate from a major CA with a FQDN of an existing fortune 500 company’s website! How you ask is this possible, well when filling out the request form he simply checked the box that stated that the certificate was not going to be used on the internet and was for internal testing only. Luckily, Michael also stated that most CA’s rejected his requests. But it only takes one CA to spoil the party. What does this mean to you, well picture this:

A user has their DNS cache poisoned on their client so that the website (that correlates to the new shiny cert you have) points to a HTTP proxy. During the live demo the proxy used was TSeep Proxy. Now the attacker is in the middle. User goes to the website in question, is proxied through TSeep who hands the user the shiny new cert you have. The user's browser looks at the cert and because the FQDN and other fields are perfect and the CA is trusted it never pops up anything, proudly presents the lock icon on the bottom of the page, and is fat, dumb, and happy. So now the MITM proxy forwards all the requests to the real website and back again to the user. Walla!!! The attacker sees everything the user sends or receives from the real website in the clear and neither the client nor the real server have any idea. Scary!