SSL, client certs, and MITM (was WYTM?)
Anton Stiglic
astiglic at okiok.com
Thu Oct 23 10:46:57 EDT 2003
> I'm not sure how you come to that conclusion. Simply
> use TLS with self-signed certs. Save the cost of the
> cert, and save the cost of the re-evaluation.
>
> If we could do that on a widespread basis, then it
> would be worth going to the next step, which is caching
> the self-signed certs, and we'd get our MITM protection
> back! Albeit with a bootstrap weakness, but at real
> zero cost.
I know of some environments where this is done. For example
to protect the connection to a corporate mail server, so that
employees can read their mail from outside of work. The caching
problem is easily solved in this case by having the administrator
distribute the self-signed cert to all employees and having them
import it and trust it. This costs no more than 1 man day per year.
This is near 0 cost however, and gives some weight to Perry's
argument.
> Any merchant who wants more, well, there *will* be
> ten offers in his mailbox to upgrade the self-signed
> cert to a better one. Vendors of certs may not be
> the smartest cookies in the jar, but they aren't so
> dumb that they'll miss the financial benefit of self-
> signed certs once it's been explained to them.
I have a hard time believing that a merchant (who plans
to make $ by providing the possibility to purchase on-line)
cannot spend something like 1000$ [1] a year for an SSL
certificate, and that the administrator is not capable of
properly installing it within 1-2 man days. If he can't install
it, just get a consultant to do it, you can probably get one
that does it within a day and charges no more than 1000$.
So that would make the total around 2000$ a year, let's
generously round it up to 10K$ annum.
I think your 10-100 million $ annum estimate is a bit
exaggerated...
[1] this is the price I saw at Verisign
http://www.verisign.com/products/site/commerce/index.html
I'm sure you can get it for cheaper. This was already
discussed on this list I think...
--Anton
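The caching scheme the quoted text sketches (remember a self-signed cert the first time, and the MITM protection comes back from the second connection on, with a bootstrap weakness on the first) and the pre-distribution Anton describes (the administrator hands the cert to employees, who import and trust it) can be illustrated with a small trust-on-first-use pin store. This is an added example, not code from the mailing-list post or from any product it mentions; the host name `mail.example.com`, the `PinStore` class and the DER byte strings are constructed stand-ins, not real X.509 data.

```python
"""Trust-on-first-use (TOFU) cache for self-signed TLS certificates.

Added illustration of the "cache the self-signed cert" idea; not code from
the original post. Certificates are keyed per host by SHA-256 fingerprint.
The certificate byte strings below are constructed placeholders, not DER.
"""
import hashlib
import hmac
import socket
import ssl
from typing import Dict, Optional

# Constructed stand-ins for DER-encoded certificates (not real X.509 data).
SERVER_CERT_DER = b"constructed-der: CN=mail.example.com self-signed key=A"
MITM_CERT_DER = b"constructed-der: CN=mail.example.com self-signed key=B"


def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER bytes: the value a client caches for a host."""
    return hashlib.sha256(der).hexdigest()


class PinStore:
    """Per-host cache of certificate fingerprints.

    A pin exists either because an administrator pre-seeded it (the
    'distribute the self-signed cert to all employees' case) or because
    the client accepted the cert on first use (the 'bootstrap weakness'
    case, where nothing authenticates that first connection).
    """

    def __init__(self) -> None:
        self._pins: Dict[str, str] = {}

    def preseed(self, host: str, der: bytes) -> None:
        """Administrator-distributed pin: no first-use exposure for this host."""
        self._pins[host] = fingerprint(der)

    def pinned(self, host: str) -> Optional[str]:
        return self._pins.get(host)

    def check(self, host: str, der: bytes, allow_tofu: bool = True) -> str:
        """Decide whether to accept the certificate presented by `host`.

        "match"     - fingerprint equals the cached one; proceed.
        "first-use" - no pin existed; cached now (the bootstrap weakness).
        "mismatch"  - pin differs; a rotated key or an interception. Refuse.
        "unpinned"  - no pin and TOFU disabled; refuse.
        """
        seen = fingerprint(der)
        known = self._pins.get(host)
        if known is None:
            if not allow_tofu:
                return "unpinned"
            self._pins[host] = seen
            return "first-use"
        if hmac.compare_digest(known, seen):
            return "match"
        return "mismatch"


def peer_cert_der(host: str, port: int = 443) -> bytes:
    """Fetch the peer certificate with CA validation turned off, so that the
    pin store rather than a CA makes the trust decision. Network call; it is
    only here to show where the DER bytes would come from in practice."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port)) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def scenario() -> Dict[str, str]:
    """Walk through the situations discussed in the thread."""
    results: Dict[str, str] = {}
    host = "mail.example.com"

    # Employee whose administrator distributed the cert: no blind first use.
    admin = PinStore()
    admin.preseed(host, SERVER_CERT_DER)
    results["preseeded_first_connect"] = admin.check(host, SERVER_CERT_DER)
    results["preseeded_intercepted"] = admin.check(host, MITM_CERT_DER)

    # Empty cache: the first connection is accepted blind, later ones checked.
    tofu = PinStore()
    results["tofu_first_connect"] = tofu.check(host, SERVER_CERT_DER)
    results["tofu_repeat_connect"] = tofu.check(host, SERVER_CERT_DER)
    results["tofu_intercepted"] = tofu.check(host, MITM_CERT_DER)

    # Bootstrap weakness: an interceptor present on the very first
    # connection gets cached, and the real server then looks like the MITM.
    unlucky = PinStore()
    results["bootstrap_mitm_cached"] = unlucky.check(host, MITM_CERT_DER)
    results["bootstrap_then_real_server"] = unlucky.check(host, SERVER_CERT_DER)
    return results


if __name__ == "__main__":
    for name, outcome in scenario().items():
        print(f"{name:28s} {outcome}")
```

The last two results are the "bootstrap weakness" the quoted text concedes: a cache cannot distinguish the genuine first certificate from an interceptor's, which is exactly what pre-seeding by an administrator removes, and why a "mismatch" later should be treated as a refusal rather than a warning to click through.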
---------------------------------------------------------------------
The Cryptography Mailing List