HTTPS mutual authentication alpha release - please test
Nick Owen
nowen at wikidsystems.com
Mon Nov 7 13:14:20 EST 2005
Hadmut Danisch wrote:
> Mmmh, I'd have two questions about this:
>
>
> - It seems that you are not defending against an attack, but trying to
> protect the user against his own ignorance. The user ignores the
> warning label, so you want to replace it with a bigger warning
> label. But the bigger warning label doesn't contain any news or more
> information, or any protection that the smaller label doesn't
> provide. It's just that the bigger warning label is bigger (or more
> red, or more alerting letters...), hoping to wake the user up?
Feedback on the UI would be particularly helpful. I think it goes a bit
beyond warning labels in that it should be a very familiar site and when
it goes away, the warning is a shock, much like SSH when the server key
has changed. I estimate it would take about 5 minutes to test this
online. Directions are in the forums on sourceforge.
>
> But user ignorance is not a new type of attack. If the user pays
> attention to the browser warnings, then I don't see what advantage
> WIKD should have. Inventing new protocols and complexity, and
> trusting an additional party without good reason and reasonable
> advantage is never a good idea in security.
I agree that user ignorance is not a new attack. We just saw a problem
and wanted to attack the problem. Users do not pay attention to the
warnings. I think that is widely accepted, though I don't have any
references at hand. I don't think of it as a new protocol, rather a
check on an old protocol that is having some problems.
Perhaps a clarification is in order. While WiKID is well-suited to a
service bureau model, I suspect that most people would want it behind
their own firewall. They can update the certificate at any time. There
is no third-party to trust and if you want to look at the code, you may
as it is open.
>
> - The authorized owner must be able to replace the server certificate
> with a new one at any time, e.g. when the secret key has been lost
> or compromised.
>
> case 1: If it is not possible to update the hash stored at WIKID,
> how would the authorized owner ever be able to replace the
> compromised key with a new one? Wouldn't this force him into
> continuing in using the compromised key?
As noted above, the key can be changed.
>
> case 2: If it is possible to update the hash stored at WIKID, and if
> the attacker was already able to register a bogus certificate at an
> official CA, why shouldn't he be able to update the certificate at
> WIKID as well? In what way is WIKID's certificate verification
> procedure more reliable than the one of the "trusted CAs" ?
We're not really addressing the situation where the attacker has stolen
a valid private cert, but where an attacker is using some social
engineering trick to fool the user with a MITM site. Thus, we believe
there is value in providing another way to validate to the user that
they are going to the correct site.
Nick
>
>
> Hadmut
>
>
>
>
>
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
>
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
At last, two-factor authentication, without the hassle factor
Now open source: http://sourceforge.net/projects/wikid-twofactor/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list