[Security] About the Firefox 3 Security Dialog & others

Jonathan Schleifer js-xmpp-security at webkeks.org
Fri Aug 22 10:22:54 CDT 2008


As many of you might already know:

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/371835374/article.pl

I will take this as an opportunity to state my opinion on our problems  
with certs :)

If we have a CA, we need to warn for self-signed certs. But if we do  
it like Firefox 3 - which some here considered the right way - it will  
scare users away - they can't talk or won't use crypto at all.

Another problem is that a CA means a single point of failure. If that  
CA is broken, someone can forge everyone. Plus I don't trust CAs  
generally.

So what's left?

* Self-signed keys
* GPG
* SRP

The problem with self-signed keys is that the fingerprint you need to  
verify is very long and most users just won't verify it.

The problem with GPG is that this is geeks-only.

The problem with SRP is bots.

So, I think we shouldn't concentrate on one of these. We should have  
more than 1 way. For example, if we have SRP and self-signed certs,  
we'd be fine. For bots, we could also add a CA so bots of the same  
owner trust each other by just having the root cert.

Any thoughts on this?

--
Jonathan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080822/26487c49/attachment.pgp 


More information about the Security mailing list