[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] FOAF developers taking FreedomBox into their equation

On Fri, Mar 11, 2011 at 01:29:11AM +0100, Jonas Smedegaard wrote:
> On Thu, Mar 10, 2011 at 06:09:40PM -0500, Daniel Kahn Gillmor wrote:
> >But this discussion has been about using WebID as an
> >*authentication* mechanism -- that is, a way to bind a real-world
> >entity to a name (in the WebID case, the name is the URI) to a
> >public key.
> >
> >My point is simply that WebID does not address this question of
> >authentication.  Rather, it punts it to the current CA cartel.  We
> >shouldn't be doing that if our goal is to avoid centralized
> >control.
> I feel you are mixing two different issues here, and it is not
> really WebID you are critisizing but classic hierarchical DNS.

Daniel is just replying on the DNS issue because DNSSEC was raised as a
way to provide "strongest" authentication in self-signed certs WebID.

> Seems to me - still after this interesting discussion - that
> self-signed SSL certificates are adequate for deploying WebID.
> Sure, that does not ensure initial connection for new relationships
> but that seems to me similar to the bootstrapping of a completely
> virgin PGP key.

But with virgin Gnupg keys, there is process to begin to enter in the web
of trust and be linked to it. There is a process to verify the owner of a
key (with or without an ID). There is a way to revoke an ID. WebID seems
to pretend to be able to do authentication without any verification being
done before, and that might be what is surprising for some of us.

> Even with an untrusted DNS, it is my understanding that self-signed
> certification cannot be hijacked without notice.

Recent SSL researches tends to make believe its not that impossible to
hijack a cert without notice, mostly cause the cert verification relies on
dump browsers to do this verification. Dumb browsers that do not
handle/clean correctly null bytes characters in hijacked domain names or
stuffs like that.

> Sorry if I am dense: could you try explain to me why self-signed
> certificates or peer-coordinated CA trust metrics are irrelevant for
> use with WebID?
> I believe we are not trying to figure out a way to trust the whole
> World Wide Web, just maintain trust in peer FreedomBoxes not being
> man-in-the-middle attacked.

I'd prefer to consider the worst scenario, if possible, that is maintain
trust in a *possibly* at some moment MITMed network, which might be
realistic in some places...


Reply to: