[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Ongoing Firefox (and Thunderbird) Trademark problems

On Thu, Jun 30, 2005 at 09:43:04PM +0100, Gervase Markham wrote:
> >Why can't we leave this to the maintainer or even local admins though?
> These are two very different cases, though. If a local admin installs a 
> new root cert, that's cool - they are taking responsibility for the 
> security of those users, and they have extreme BOFH power over them 
> anyway. However, having the root appear by default, so that no-one at 
> the remote site really knows it's there (who consults the root list) and 
> it's now on Y thousand or million desktops - that is a different kettle 
> of fish.

You've missed the really interesting, really important case.

What about the site admin team for X thousand desktops who produce a
modified firefox package to be used across the whole company? This is
the normal, expected usage of Debian.

> A quick reminder of what's at risk here: if the private key of a root 
> cert trusted by Firefox became compromised, _any_ SSL transaction that 
> any user trusting that cert performed could be silently MITMed and 
> eavesdropped on.

Let's be serious here. You've already got the verisign certificates,
and you've got a helpful dialog box that appears whenever new
certificates are presented to the browser such that the user can just
whack 'ok' without reading it. SSL security on the internet at large
is a myth. Anybody who trusts it is insane; the risks aren't very

  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

Reply to: