[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] Debian as though cryptographic authentication mattered Questions

On 5 August 2011 22:55, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On 08/05/2011 04:24 PM, Melvin Carvalho wrote:
>> You can self sign web server certs. ?This is what I do.
>
> Of course you can. ?You can also use OpenPGP certificates (RFC 6091), or
> arbitrarily-signed X.509 certificates that are validated through the
> OpenPGP WoT (this is what the monkeysphere firefox extension does). ?And
> there are probably other mechanisms as well. ?You can use these
> mechanisms for your client-side certs directly, even.
>
> The problem comes when you expect other parties to verify your identity.
>
> Consider server A.
>
> You want to prove your identity to server A. ?You hand server A your
> self-signed client-side WebID cert which contains a pointer back to a
> URL on your own web server, B (and you prove in the TLS handshake that
> you control the secret key corresponding to your WebID cert).
>
> Server A now needs to connect to web server B, and verify that the cert
> fetched from B matches the one you uploaded.
>
> If server B offers its data via cleartext HTTP, then anyone in control
> of the network can impersonate you by MITMing the A?B connection.
>
> If server B offers its data via HTTPS with a certificate that server A
> does not know how to verify, then anyone in control of the network can
> *also* impersonate you by MITMing the A?B connection.
>
> Server A is the relying party in this case -- If they can only rely on
> the CA cartel, then you're back to the dependency on the CA Cartel i
> pointed out originally.
>
> If server A *does* have a mechanism for verifying certificates outside
> the CA cartel, then they could use that mechanism on your client cert
> directly; so Web ID itself might not be necessary.
>
> Web ID appears to leverage the CA Cartel to indirectly verify
> client-side certificates. ?This is a win (because it means that end
> users don't have to get *themselves* certified by a member of the
> cartel), but it's not far enough for what i want -- members of the
> cartel are still untrustworthy-yet-trusted middlemen.

This is an interesting case.  It might indeed be tricky to exchange
public keys if the network has been taken over.

Could you explain how OpenPGP does this more securely?

>
> Regards,
>
> ? ? ? ?--dkg
>
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
Reply to: