PKI too confusing to prevent phishing, part 28

Paul Hoffman paul.hoffman at vpnc.org
Mon Sep 26 11:30:15 EDT 2005 

At 8:53 AM +0200 9/26/05, Amir Herzberg wrote:
>Is PKI the cause of this? I think not. This is a usability problem.
>
>We try to fix this problem (and similar problems) with TrustBar. 
>Indeed we even had incidents where people on the TrustBar team 
>itself, and some security experts using TrustBar, thought there is a 
>bug - why does TrustBar display `Bad Certificate` warning, when 
>FireFox says the site is protected fine? But then we found out it 
>was simply a self-signed site, or a site signed by a CA not in the 
>list of the browser, or the most hard-for-users: a site with a 
>certificate whose issuer is specified as Verisign (say), but with a 
>wrong public key... this last one is really tricky; even expert 
>users get confused in identifying this, even when using the 
>certificate details dialogs (I checked for FireFox and IE).

To me, the first paragraph contradicts the second paragraph. 
Actually, the third sentence of the first paragraph contradicts the 
first two sentences of that paragraph.

A technology that cannot be made usable, but is widely used anyway, 
is the cause of its own problems.

>There are many problems with PKI, and certainly with its 
>implementation in browsers. But secure usability problems are worse. 
>I think our community should try to be constructive. I definitely 
>try myself, hence TrustBar. Please help me: try it and give me 
>feedback, if you are a good programmer, lend a hand improving it; or 
>find other ideas and implement them.

Looking at decades of experience with PC software, it seems unlikely 
that TrustBar or anything like it will be deployed and understood by 
typical users. It is fine to help increase the security for a small 
(possibly tiny) audience, but please do not conflate that with making 
the whole market more noticeably secure.

--Paul Hoffman, Director
--VPN Consortium

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list