[Freedombox-discuss] FOAF developers taking FreedomBox into their equation
On Wed, Mar 09, 2011 at 11:00:38PM -0500, Daniel Kahn Gillmor wrote:
>On 03/09/2011 06:11 PM, Melvin Carvalho wrote:
>> Traditionally we've always 'self signed' our WebID certificates. So
>> there's no CA that needs to be in the loop. In fact, I don't know of
>> any instance WebID has *ever* been used with a CA, but I suppose it
>> is possible too. :)
>
>For plain http:// URL WebIDs, there is no CA in the loop; but plain
>http:// WebIDs are vulnerable to a pretty trivial attack by someone
>with reasonable control of the network -- all they need to do is forge
>DNS or intercept traffic to convince the server doing a backhaul lookup
>that the client's presented WebID cert is legit. This level of
>vulnerability to an attacker in control of the network doesn't seem to
>meet the standards i'd hope for a robust, freedom-preserving scheme.
>
>So that leaves https:// WebIDs, which in turn need some sort of
>certificate validation. I'm pretty sure that any WebID that points to
>an https:// URL relies on the CA cartel to validate the backhaul
>connection, in the current implementations, no? Either the certificate
>validation is not happening (in which case the scheme is vulnerable to
>an attacker in control of the network again), or the certificate
>validation relies on some set of CAs.
>
>I'm happy that WebID is trying to sidestep the CA cartel for end-user
>certificates. But it seems to rely on either (a) centralized,
>cryptographically-guaranteed DNS (DNSSEC) or (b) the CA cartel to
>validate the server-side certificates (or both). Both of these options
>leave a handful of fairly unaccountable middlemen with the ability to
>perform denial of service attacks on end user identities and even
>impersonations.
>
>I'd love to hear suggestions for improving the scheme to be resistant
>to these middlemen, but i don't think i've heard any of them yet.
I believe the key to this is the FOAF part: I can, in my FOAF file,
beyond declaring what friends I have and what WebID public key is linked
to it, also declare what CAs I trust (which might be only my very own
FreedomBox).
I imagine FreedomBoxes can then grow a web of trust, not only of people
but also of CAs.
If some of my close friends trust e.g. CAcert.org then I should also
trust it - or alternatively I should lower the trust in those friends.
FreedomBox can help with both those logics, I believe.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
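The two ideas in this exchange, the backhaul lookup that a WebID verifier makes to the profile document (dkg's point that a plaintext http:// lookup is forgeable and an https:// lookup needs some trust set to validate against) and Jonas's proposal to derive that trust set from FOAF declarations and a friend-weighted web of trust, can be sketched together in one small model. The following is an added example written for this page; it is not code from the thread, the WebID project or FreedomBox. The profiles, URLs, names, keys and trust weights are constructed, the "fetch" is served from an in-memory table so it runs offline, and the FOAF documents are reduced to plain dicts (a real profile would be RDF carrying the key's modulus and exponent).

```python
"""Toy model: WebID verification with a FOAF-derived CA trust policy.

Added example, not the WebID spec and not FreedomBox code. PROFILES stands in
for a set of FOAF documents reachable on the network; "issuer" names the CA
that signed the TLS certificate of the host serving each document.
"""
from urllib.parse import urlsplit

# Constructed data: every value here is made up for the example.
PROFILES = {
    "https://alice.example/me": {
        "key": (0xA11CE, 65537),                       # RSA (modulus, exponent)
        "friends": {"https://bob.example/me": 0.9,     # trust weight in [0, 1]
                    "https://mallory.example/me": 0.3},
        "trusted_cas": {"Alice FreedomBox CA"},        # Jonas: "only my own box"
        "issuer": "Alice FreedomBox CA",
    },
    "https://bob.example/me": {
        "key": (0xB0B, 65537),
        "friends": {"https://alice.example/me": 0.9},
        "trusted_cas": {"Bob FreedomBox CA", "CAcert.org"},
        "issuer": "CAcert.org",
    },
    "https://mallory.example/me": {
        "key": (0x5A1, 65537),
        "friends": {},
        "trusted_cas": {"Shady CA"},
        "issuer": "Shady CA",
    },
    "https://carol.example/me": {
        "key": (0xCA401, 65537),
        "friends": {},
        "trusted_cas": set(),
        "issuer": "Shady CA",
    },
}


def effective_trusted_cas(profiles, me, threshold=0.5):
    """CAs the owner trusts directly, plus CAs trusted by close friends.

    A friend counts as "close" when the owner's trust weight for them is at
    least `threshold`; this is the "if my close friends trust it, I should
    too" half of the policy described in the thread.
    """
    own = profiles[me]
    cas = set(own["trusted_cas"])
    for friend, weight in own["friends"].items():
        if weight >= threshold and friend in profiles:
            cas |= profiles[friend]["trusted_cas"]
    return cas


def friends_vouching_for(profiles, me, ca):
    """Friends (with their weights) whose profiles trust `ca`.

    This is the input to the alternative policy: instead of adopting the CA,
    lower the trust weight of the friends who vouch for it.
    """
    own = profiles[me]
    return {f: w for f, w in own["friends"].items()
            if f in profiles and ca in profiles[f]["trusted_cas"]}


def verify_webid(profiles, webid, presented_key, trusted_cas):
    """Return (accepted, reason) for a client certificate whose
    SubjectAltName URI is `webid` and whose RSA key is `presented_key`.

    The profile lookup is only accepted over https, and only when the
    serving host's certificate chains to a CA in `trusted_cas`; otherwise an
    attacker who controls the network could serve a forged profile listing
    their own key.
    """
    if urlsplit(webid).scheme != "https":
        return False, "profile lookup over plaintext http is forgeable"
    profile = profiles.get(webid)
    if profile is None:
        return False, "profile not found"
    if profile["issuer"] not in trusted_cas:
        return False, f"server cert issuer {profile['issuer']!r} not trusted"
    if profile["key"] != presented_key:
        return False, "profile does not list the presented key"
    return True, "ok"


if __name__ == "__main__":
    alice = "https://alice.example/me"
    cas = effective_trusted_cas(PROFILES, alice)
    print("Alice's effective CA trust set:", sorted(cas))
    print("Who vouches for CAcert.org:",
          friends_vouching_for(PROFILES, alice, "CAcert.org"))
    for webid, key in [("https://bob.example/me", (0xB0B, 65537)),
                       ("http://bob.example/me", (0xB0B, 65537)),
                       ("https://carol.example/me", (0xCA401, 65537)),
                       ("https://bob.example/me", (0xBAD, 65537))]:
        print(webid, key[0], "->", verify_webid(PROFILES, webid, key, cas))
```

With the constructed data, Alice's effective trust set is her own box's CA plus Bob's two CAs (Bob is a close friend), but not Mallory's "Shady CA" (weight 0.3 is below the threshold); Carol's profile is rejected because the host serving it is certified by a CA outside that set, and an http:// WebID is rejected before any lookup. Raising or lowering `threshold`, or demoting the weights returned by `friends_vouching_for`, is where the two policies Jonas describes diverge.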