[Security] TLS Certificates Verification

Dave Cridland dave at cridland.net
Wed Aug 20 11:07:29 CDT 2008


On Wed Aug 20 16:09:05 2008, Jonathan Schleifer wrote:
> Peter Saint-Andre <stpeter at stpeter.im> wrote:
> 
> > Please do some research about TLS. It is not limited to using keys
> > (e.g., read RFC 5054).
> 
> Then why are we only talking about keys and verifiying keys here,  
> and
> not about secrets and verifiying secrets?

We're not, always.

Ekr, for instance, has been talking in terms of PAKE, a shared  
secret, and session resumption, in a pretty convincing way. So  
convincing, in fact, one could be forgiven for thinking he knew a  
thing or two about this stuff.

In fact, I think certificates are actually the best approach, because  
they're better understood, the IPR impact is clearer, they provide a  
wide range of options for initial and subsequent authentication, and  
both users and developers are more exposed to them, hence more likely  
to accept and trust them. I think we have a solid base there from  
leap-of-faith to fingerprinting to work with.

Technically speaking, Ekr's suggestion is probably the better one,  
but I think it's not so much better that the benefits outweigh the  
political and usability advantages of self-signed certificates.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


More information about the Security mailing list