[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] FOAF developers taking FreedomBox into their equation

On Fri, Mar 11, 2011 at 02:21:24AM +0100, bertagaz at ptitcanardnoir.org 
>On Fri, Mar 11, 2011 at 01:29:11AM +0100, Jonas Smedegaard wrote:
>> On Thu, Mar 10, 2011 at 06:09:40PM -0500, Daniel Kahn Gillmor wrote:
>> >But this discussion has been about using WebID as an 
>> >*authentication* mechanism -- that is, a way to bind a real-world 
>> >entity to a name (in the WebID case, the name is the URI) to a 
>> >public key.
>> >
>> >My point is simply that WebID does not address this question of 
>> >authentication.  Rather, it punts it to the current CA cartel.  We 
>> >shouldn't be doing that if our goal is to avoid centralized control.
>> I feel you are mixing two different issues here, and it is not really 
>> WebID you are critisizing but classic hierarchical DNS.
>Daniel is just replying on the DNS issue because DNSSEC was raised as a 
>way to provide "strongest" authentication in self-signed certs WebID.

Ah. ok.

>> Seems to me - still after this interesting discussion - that 
>> self-signed SSL certificates are adequate for deploying WebID. Sure, 
>> that does not ensure initial connection for new relationships but 
>> that seems to me similar to the bootstrapping of a completely virgin 
>> PGP key.
>But with virgin Gnupg keys, there is process to begin to enter in the 
>web of trust and be linked to it. There is a process to verify the 
>owner of a key (with or without an ID). There is a way to revoke an ID. 
>WebID seems to pretend to be able to do authentication without any 
>verification being done before, and that might be what is surprising 
>for some of us.

If e.g. Verisign is untrusted, then remove Verisign root certificates 
from your system and any website using that CA will no longer be 
trusted.  This should be true also for WebID.

Might be that the user runs IE8 with horrible settings, but the 
FreedomBox wanting to verify a claimed WebID does not, so that should 
not matter to us, I believe.

>> Even with an untrusted DNS, it is my understanding that self-signed 
>> certification cannot be hijacked without notice.
>Recent SSL researches tends to make believe its not that impossible to 
>hijack a cert without notice, mostly cause the cert verification relies 
>on dump browsers to do this verification. Dumb browsers that do not 
>handle/clean correctly null bytes characters in hijacked domain names 
>or stuffs like that.

Again, this may be true in the larger world, but irrelevant for 
FreedomBox in particular, I believe.

>> Sorry if I am dense: could you try explain to me why self-signed 
>> certificates or peer-coordinated CA trust metrics are irrelevant for 
>> use with WebID?
>> I believe we are not trying to figure out a way to trust the whole 
>> World Wide Web, just maintain trust in peer FreedomBoxes not being 
>> man-in-the-middle attacked.
>I'd prefer to consider the worst scenario, if possible, that is 
>maintain trust in a *possibly* at some moment MITMed network, which 
>might be realistic in some places...

Makes sense.  But we are still talking about FreedomBox here, right?

  - Jonas

  * Jonas Smedegaard - idealist & Internet-arkitekt
  * Tlf.: +45 40843136  Website: http://dr.jones.dk/

  [x] quote me freely  [ ] ask before reusing  [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110311/aa49fe23/attachment.pgp>

Reply to: