[Security] About the Firefox 3 Security Dialog & others

Jonathan Schleifer js-xmpp-security at webkeks.org
Fri Aug 22 11:32:51 CDT 2008


Dave Cridland <dave at cridland.net> wrote:

> Well, you do have to go some to completely subvert a CA. Assuming  
> that someone managed it, then I imagine there'd be a few security  
> updates going out, in quite a bit of noise, and to do it in a way  
> that the CA themselves didn't notice would be impressive.

Have a look at the latest Black Hat. They had certs for big corporate
sites from some of the bigger CAs. They even rerouted the traffic there
and nobody noticed. They showed logs of this at the end of the
conference.

> With the big corporate CAs, there is so much cash at stake, an error  
> would be a disaster, so if the basis for your mistrust is that they're  
> money-grabbing evil corporates, that's probably true, but plays into  
> your hands in this case.

See above ;). That's why I think a client shouldn't trust ANY CA by
default, but allow the user to manually add a CA. This would be
interesting in corporations etc., you could just add the corporates' CA
then instead of verifying all fingerprints.

> Oh, if you do the whole Web Of Trust thing, it's really geeky. But
> if you do leap-of-faith or SAS-a-like with it, it works equivalently
> to the above - Simon was already suggesting this, actually, although
> Ekr suggested some improvements.

Well, but I don't see a noticeable advantage in signing your cert with
your GPG key instead of sharing your fingerprint. Only advantage I see
is that if you know someone from mail and used GPG with him you don't
need to give him your fingerprint. But seriously, how often does that
happen?

> FWIW, I suspect some geeky users will want to reuse their existing  
> PGP keys, but they'll be in a small minority.

Exactly. We can bother with the minorities once we have something that
works. First, we need something that works, then we can extend it.

> Well, what makes sense to me is to have X.509 and GPG/PGP. I'd lean  
> toward X.509 as MTI, and GPG/PGP as a strongly-worded-MAY. Both these  
> are supported within TLS, as I understand things (which is, of
> course waaaay less than some here).

But then we won't have something like SAS, which is absolutely
mandatory if we want it to be Average Joe compatible ;).

-- 
Jonathan