Policy
- For a single hostname on a single IP address, a single InCommon SSL certificate should be requested.
- For multiple hostnames on different IP addresses (even if on the same physical machine), a separate InCommon SSL certificate should be requested for each.
- For multiple hostnames on the same IP address, a single InCommon Multi Domain SSL (or InCommon Unified Communications) certificate should be requested, using the Subject Alternative Names (SAN) field to enumerate the hostnames.
- For multiple hostnames on the same IP address, under exceptional circumstances (e.g. literally hundreds of hostnames on the same IP, or hostnames that change weekly), you can petition to use an InCommon Wildcard SSL Certificate. After acknowledging the risks below, a request and justification should be submitted to the UCI RAOs (security@uci.edu) for review and possible approval. If approved, wildcard certificates have a maximum term of 1 year, rather than the 3 years allowed for the others.
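The decision rules above can be applied to a host inventory mechanically. The following is an added example, not part of the original policy: the function name, the sample hostnames and the cutoff of 200 (standing in for "literally hundreds") are assumptions. It also checks that wildcard candidates share one parent domain, since a wildcard covers only a single label under a single domain.

```python
from collections import defaultdict

# Assumption: the policy says only "literally hundreds"; 200 is a placeholder cutoff.
PETITION_THRESHOLD = 200

def plan_certificates(inventory, threshold=PETITION_THRESHOLD):
    """Map (hostname, ip) pairs to one certificate request per IP address."""
    by_ip = defaultdict(set)
    for host, ip in inventory:
        by_ip[ip].add(host.strip().rstrip(".").lower())

    plan = []
    for ip in sorted(by_ip):
        hosts = sorted(by_ip[ip])
        request = {"ip": ip, "hostnames": hosts, "petition_wildcard": None}
        if len(hosts) == 1:
            request["type"] = "InCommon SSL"
        else:
            # Default for a shared IP: enumerate every name in the SAN field.
            request["type"] = "InCommon Multi Domain SSL"
            # A wildcard covers one label under one parent domain, so a
            # petition only makes sense when all names share that parent.
            parents = {h.partition(".")[2] for h in hosts}
            if len(hosts) >= threshold and len(parents) == 1 and all(parents):
                request["petition_wildcard"] = "*." + parents.pop()
        plan.append(request)
    return plan

# Constructed inventory: documentation IP range, hypothetical hostnames.
SAMPLE = [
    ("www.example.edu", "192.0.2.10"),
    ("mail.example.edu", "192.0.2.20"),
    ("lists.example.edu", "192.0.2.20"),
] + [(f"lab{n}.apps.example.edu", "192.0.2.30") for n in range(250)]

if __name__ == "__main__":
    for req in plan_certificates(SAMPLE):
        print(req["ip"], req["type"], len(req["hostnames"]), req["petition_wildcard"])
```

A non-empty `petition_wildcard` only marks a candidate for the petition described in the last rule; the request still defaults to a Multi Domain certificate until the petition is approved.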
Risks
- All of the usual risks of compromised SSL private keys apply, but when it is a wildcard certificate the impact of exposure is magnified enormously.
- Network Eavesdropping (Passive): if a wildcard certificate is compromised, an attacker with access to the network can sniff and decrypt all of the traffic to all SSL websites for the wildcard domain.
- Man-in-the-Middle Attack (Active): if a wildcard certificate is compromised, an attacker with access to the network can sniff, decrypt, change, and replay all of the traffic to all SSL websites for the wildcard domain.
- Impersonation Attack: if a wildcard certificate is compromised, the attacker can use it to create new hostnames or impersonate existing sites (when combined with phishing, or local host / DNS cache name resolution poisoning) on the same domain as the wildcard domain, leading users to an attacker's site instead of a valid site even though they see a trusted, valid SSL certificate.