Re: HTTPS everywhere!
On 2014-06-18 14:20:10 +1000, Russell Stuart wrote:
> So you need X.509 PKI (even with all its flaws) during that first
> contact. But after you've sent them money or downloaded their software
> you have formed a trust relationship with whoever controls that cert far
> stronger than the assurances X.509 provides. That is true in the
> positive sense if you receive your goods after paying, or the software
> you downloaded works well, or in the negative sense if the reverse
> happens. Regardless, next time you deal with the entity that controls
> the www.shop.com cert, you now know far more about them than the X.509
> PKI does.
> The bug is the current system forces you to reply on X.509 for all
> future contacts, even though you have much better source of trust.
> During that initial contact the protocol could have arranged for you to
> download a cert signed by the owners of shop.com themselves, so you
> could reply on it in the future instead of X.509. Suddenly all X.509
> issues, like MITM attacks, disappear.
Well, since the Heartbleed bug, I wouldn't say that: the old private
key could have been compromised for whatever reason. At least you
need some 3rd party to check certificate revocation. But if it is
malicious, it could tell you that the certificate has been revoked
(even if it isn't), and you have the same problem as now... well,
almost. At least you can know that something has happened and you
Vincent Lefèvre <firstname.lastname@example.org> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)