[Security] About the Firefox 3 Security Dialog & others

Pedro Melo melo at simplicidade.org
Fri Aug 22 11:10:31 CDT 2008

On Aug 22, 2008, at 4:22 PM, Jonathan Schleifer wrote:

> As many of you might already know:
> http://rss.slashdot.org/~r/Slashdot/slashdot/~3/371835374/article.pl
> I will take this as an opportunity to state my opinion on our  
> problems with certs :)
> If we have a CA, we need to warn for self-signed certs. But if we do  
> it like Firefox 3 - which some here considered the right way - it  
> will scare users away - they can't talk or won't use crypto at all.
> Another problem is that a CA means a single point of failure. If  
> that CA is broken, someone can forge everyone. Plus I don't trust  
> CAs generally.
> So what's left?
> * Self-signed keys
> * GPG
> * SRP
> The problem with self-signed keys is that the fingerprint you need  
> to verify is very long and most users just won't verify it.
> The problem with GPG is that this is geeks-only.
> The problem with SRP is bots.
> So, I think we shouldn't concentrate on one of these. We should have  
> more than 1 way. For example, if we have SRP and self-signed certs,  
> we'd be fine. For bots, we could also add a CA so bots of the same  
> owner trust each other by just having the root cert.
> Any thoughts on this?

Yes, split the trust decision from the encryption part.

Self-signed certs, CA-signed certs, and GPG keys provide the same  
thing: a way to exchange a key to use in a stream cipher to create an  
encrypted channel.

This is something that should be standard at the XSF level: how to use  
those keys to create an encrypted channel.

The trust requirements vary so much from person to person, from  
organization to organization, that you'll never get a one-true-way.

Some people (like me) will use SRP most of the time, with an  
occasional full signature comparison, especially if I already have said  
signature from a trusted source (i.e., I met you and you gave me your  

Others will require full-blown CA certification and they will only  
trust keys from certain CAs.

For example, I can see myself (if my client supported it) doing  
something like this:

  * membership on group SAPO is restricted to users whose keys are  
signed by the SAPO CA;
  * group 'friends' requires at least SRP.

The client wouldn't let me add a contact to such groups without  
verifying my desired level of paranoia.

I'm new to this list, and admit that I'm not an expert in SSL/TLS, and  
all this stuff, but high-level, "trust" is a local-policy thing, and  
as such difficult to make "standard".

Best regards,
Pedro Melo
Blog: http://www.simplicidade.org/notes/
XMPP ID: melo at simplicidade.org
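The per-group policy Pedro sketches above (group SAPO requires keys signed by the SAPO CA, group 'friends' requires at least SRP), written out as a small local-policy check. This is an added illustration, not code from the list or from any XMPP client; the ranking of verification methods and the names "SAPO CA", "friends" and the contact JIDs are assumptions for the example.

```python
from dataclasses import dataclass
from typing import Optional

# Verification strength, weakest to strongest. The ordering is an assumption
# for this example; the message itself does not rank the methods.
LEVELS = ["none", "self_signed", "srp", "fingerprint", "ca_signed"]


@dataclass
class Contact:
    jid: str                 # constructed sample value
    method: str              # one of LEVELS: how this contact's key was verified
    ca: Optional[str] = None  # issuer name when method == "ca_signed"


@dataclass
class GroupPolicy:
    min_level: str                    # weakest verification the group accepts
    required_ca: Optional[str] = None  # only meaningful with "ca_signed"


# Local policy: trust is decided here, per roster group, not by the protocol.
POLICY = {
    "SAPO": GroupPolicy("ca_signed", required_ca="SAPO CA"),
    "friends": GroupPolicy("srp"),
}


def check(contact: Contact, group: str, policy=POLICY):
    """Return (allowed, reason) for adding `contact` to roster group `group`."""
    if contact.method not in LEVELS:
        raise ValueError(f"unknown verification method: {contact.method}")
    rule = policy.get(group)
    if rule is None:
        return True, "no policy for this group"
    have, need = LEVELS.index(contact.method), LEVELS.index(rule.min_level)
    if have < need:
        return False, f"{contact.method} is weaker than required {rule.min_level}"
    # A CA requirement is only satisfied by that specific CA, not any CA.
    if rule.required_ca is not None and contact.ca != rule.required_ca:
        return False, f"key not signed by {rule.required_ca}"
    return True, "ok"


if __name__ == "__main__":
    for c, g in [(Contact("ana@sapo.pt", "ca_signed", "SAPO CA"), "SAPO"),
                 (Contact("bob@example.net", "ca_signed", "Other CA"), "SAPO"),
                 (Contact("cat@example.net", "srp"), "friends"),
                 (Contact("dan@example.net", "self_signed"), "friends")]:
        print(c.jid, g, check(c, g))
```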
