[English Version below]
It has now been reported in the media that US government agencies may be demanding the private keys of service providers in order to decrypt encrypted communication.
When certificates are created with CAcert, the private keys never leave the user's computer and are therefore never transmitted to CAcert. Consequently CAcert cannot pass the private keys on to anyone. Certificates from CAcert thus provide a method by which secure communication can be ensured.
The US press is currently reporting that government organizations are demanding private keys from service providers in order to decrypt encrypted communications.
When creating certificates with CAcert, private keys never leave the user's system and are therefore not transmitted to CAcert. Hence CAcert cannot disclose private keys, and certificates from CAcert thus provide a means to safeguard secure communication.
Isn’t this rather naive and besides the point? Authorities can demand the cacert key itself and slap a non-disclosure order on cacert, and generate their own keys and pretend to be whoever they want. Or simpler, could force cacert to generate such fake keys. Since CA certificates are almost always used for authentication (as for encryption key exchange, you can use a system with perfect forward secrecy), the fact that they don’t have my keys is not usually relevant, as it’s not my key that is trusted, but the CA key, and cacert certainly has its private CA keys.
Given that the situation is the same with other CAs, who also don’t retain my keys, I’d say this blog post falls under “generating a misleading sense of security”.
In fact, given that secure communication requires authentication (how do you know the person you are talking to really is the person you think you talk to?), I would even go as far as saying the blog post is simply wrong: with a government organisation being able to create certificates at will by e.g. demanding them from cacert, secure communications (secure from those government organisations that could either decrypt traffic later or mount a MITM attack against PFS protected communications) cannot at all be safeguarded by cacert certificates.
The only way out would be to have a separate secure communications channel that could be used to verify the authenticity of the certificate independently of cacert.
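As an added illustration of the commenter's argument (not part of the original post or of CAcert's software): a toy model in which a party holding the CA's signing secret can issue a certificate that passes ordinary chain validation, while a key fingerprint obtained over an independent channel still rejects it. The HMAC standing in for a signature, the key bytes and the names are all constructed for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Toy model of CA-based trust. An HMAC under the CA's secret stands in for a
# real signature, so the verifier here also needs the secret; in real PKI the
# verifier holds only the CA's public key. The trust logic is the same.

@dataclass(frozen=True)
class Cert:
    subject: str
    pubkey: bytes   # the subject's public key (opaque bytes in this model)
    ca_sig: bytes   # the CA's signature over subject and pubkey

def _tbs(subject: str, pubkey: bytes) -> bytes:
    return subject.encode() + b"\x00" + pubkey

def ca_issue(ca_secret: bytes, subject: str, pubkey: bytes) -> Cert:
    return Cert(subject, pubkey, hmac.new(ca_secret, _tbs(subject, pubkey), hashlib.sha256).digest())

def chain_valid(ca_secret: bytes, cert: Cert) -> bool:
    """Default client behaviour: trust whatever the CA signed."""
    expected = hmac.new(ca_secret, _tbs(cert.subject, cert.pubkey), hashlib.sha256).digest()
    return hmac.compare_digest(expected, cert.ca_sig)

def key_fingerprint(pubkey: bytes) -> str:
    """Fingerprint of the public key, to be exchanged out of band (e.g. in person)."""
    return hashlib.sha256(pubkey).hexdigest()

def pin_valid(cert: Cert, pins: set[str]) -> bool:
    """Accept only a key whose fingerprint was learned independently of the CA."""
    fp = key_fingerprint(cert.pubkey)
    return any(hmac.compare_digest(fp, p) for p in pins)

def scenario() -> dict:
    ca_secret = secrets.token_bytes(32)   # held by the CA, and by anyone who can compel it
    alice_key = b"alice-public-key"        # constructed; generated on Alice's machine, never sent to the CA
    genuine = ca_issue(ca_secret, "alice.example", alice_key)
    pins = {key_fingerprint(alice_key)}    # Alice gave Bob this fingerprint over a separate channel

    # Whoever holds the CA secret can issue a second certificate for Alice's name under another key.
    other = ca_issue(ca_secret, "alice.example", b"some-other-public-key")  # constructed

    return {
        "genuine_chain": chain_valid(ca_secret, genuine),
        "other_chain": chain_valid(ca_secret, other),   # True: chain validation cannot tell them apart
        "genuine_pin": pin_valid(genuine, pins),
        "other_pin": pin_valid(other, pins),            # False: the out-of-band pin rejects it
    }
```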