Humorous anti-SSL PR

Eric Rescorla ekr at rtfm.com
Thu Jul 15 16:55:51 EDT 2004


John Denker <jsd at av8n.com> writes:

> "J Harper" <jsec at peersec.com> wrote:
>>
>>>This barely deserves mention, but is worth it for the humor:
>>>"Information Security Expert says SSL (Secure Socket Layer) is Nothing More
>>>Than a Condom that Just Protects the Pipe"
>>>http://www.prweb.com/releases/2004/7/prweb141248.htm
>
> To which Eric Rescorla replied:
>
>> What's wrong with a condom that protects the pipe? I've used
>> condoms many times and they seemed to do quite a good job
>> of protecting my pipe.
>
> The humor just keeps on coming.  It's always amusing to
> see an invocation of the principle that "I've tried it
> on several occasions and it seemed to work, therefore
> it must be trustworthy."

Actually, that's a pretty reasonable way of assessing safety in
systems where there's no attacker specifically targeting you.
Or are you claiming that we shouldn't have confidence in 
the MMR vaccine because there's a small possibility that
someone will engineer a vaccine-resistant strain of measles?

Yes, I'm quite aware that it's traditional to assume a threat
model in which there's a very smart attacker dedicated to
attacking you in particular, but 99.9% of the time that's
not the situation, and it's silly to suggest that something
is worthless merely because it doesn't provide protection that .1% 
of the time.

-Ekr

P.S. FWIW, I've skimmed Articsoft's web site and as far as I
can tell their product is "superior" in two respects:

(1) The data is transmitted as an encrypted OpenPGP message
    so in theory it's protected even at rest. In practice,
    of course, to do real-time processing the server needs
    to be able to decrypt, so it's not clear that any actual
    benefit obtains here. There are advantages to message-oriented
    security (cf. S-HTTP) but this doesn't seem like a very convincing
    one.

(2) They control the client side so they can enforce a more strict
    integrity/authenticity check than the browser does. Of course,
    the browser's weak cert checking is an intentional feature,
    not a mistake--users got tired of not being able to get
    to web sites just because the certs were bad.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list