WYTM?

[Tom Weinstein]

Ian Grigg wrote:

>Cryptography is a special product, it may
>appear to be working, but that isn't really
>good enough.  Coincidence would lead us to
>believe that clear text or ROT13 were good
>enough, in the absence of any attackers.
>
>For this reason, we have a process.  If the
>process is not followed, then coincidence
>doesn't help to save our bacon.
>
>It has to follow, for it to be valuable.  If
>it doesn't follow, to treat it as anything
>other than a mere coincidence to be dismissed
>out of hand is leading us on to make other
>errors.
>
>I think that Matt Blaze said it fairly well.
>There are some security practices that in
>the recent past are now considered appalling.
>
>It's time to be a little bit appalled, and
>to recognise SSL for what it is - a job that
>survived not on its cryptographic merits, but
>through market and structural conditions at
>the time.
>
SSL/TLS is not a complete security solution. It is a building block. It 
is a protocol for communication between two end points. As such, its 
threat model deals with threats involving that communication. It does 
not deal with the security of the end point, because if you can 
compromise the machine that the software trying to communicate is 
running on, then no protocol can provide you with any level of security.

You might choose to argue that a communications protocol is not what we 
need, but that would have nothing to do with the threat model that 
SSL/TLS is designed around.

It seems what you're criticizing here is the Netscape and Microsoft 
client/server HTTPS-based security solutions for electronic commerce. 
These are certainly built using SSL/TLS as a building block, but 
criticisms of their design have very little relevance for SSL/TLS itself.

>Here's specifically what the server does:  When
>it is installed, it doesn't also install and
>start up the SSL server.  You know that page
>that has the feather on?  It should also start
>up on the SSL side as well, perhaps with a
>different colour.
>
>Specifically, when you install the server, it
>should create a self-signed certificate and use
>it.  Straight away.  No questions asked.
>
>Then, it becomes an administrator issue to
>replace that with a custom signed one, if the
>admin guy cares.
>  
>
This really has nothing to do with TLS. If you don't like the 
installation process for Apache, you could fix it and send the patches 
back, or you could write your own web server.

>There should be no dialogue at all.  Going from
>HTTP to HTTPS/self signed is a mammoth increase
>in security.  Why does the browser say it is
>less/not secure?
>
>Further, the popups are a bad way to tell the
>user what the security level is.  The user can't
>grok them and easily mucks up on any complex
>qeustions.  There needs to be a security display
>on the secured area that is more prominent and
>also more graded (caching numbers) than the
>current binary lock symbol.
>  
>
The security UI for netscape/mozilla has always been terrible. IMHO, 
designing a user-friendly UI for crypto stuff that doesn't compromise 
security has been (and continues to be) the greatest obstacle to getting 
people to use this stuff.

-- 
Give a man a fire and he's warm for a day, but set   | Tom Weinstein
him on fire and he's warm for the rest of his life.  | tomw at tellme.com 


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com