Fingerprint Firefox Plugin?

Anne & Lynn Wheeler lynn at garlic.com
Wed Oct 24 14:57:32 EDT 2007 

zooko wrote:
> Suppose you did have a convenient way to display the SSL certificate for 
> every site whenever you loaded a page from the site. You probably 
> wouldn't want to memorize all the certificates for the secure sites that 
> you care about, so you might instead write some notes on a piece of 
> paper next to your computer, for example writing down an SSL certificate 
> and then next to it writing "bank", and then writing down another one 
> and then next to it writing "mail", and so on.
> 
> Then, whenever you load a page, you would look at the SSL certificate 
> that is linked to that page and glance at your notepad to see which 
> description it maps to. If you are looking at a random web site that 
> you've never seen before, and the certificate doesn't appear on your 
> notes, then no big deal. If you are looking at a page that appears to 
> belong to your bank, and the certificate that came with that page 
> doesn't appear on your notes, then this is a big red flag! Likewise, if 
> you are looking at a page that appears to belong to your bank, and the 
> certificate appears on your notes, but the note next to it doesn't say 
> "bank", then this is a red flag, too! For example, it might be the 
> certificate of your mail service, which appears on your paper along with 
> the note "mail". Or it might just be a certificate that appears on your 
> paper along with the note "joke site from Harry".
> 
> Note that a system which classified certificates into "trusted" or 
> "untrusted" categories might give you the green flag even when a 
> certificate that you trust to serve up good jokes is serving up 
> something that appears to be your bank account.
> 
> So, the thing about writing down certificates and mapping them to short 
> hand-written notes is what the Pet Name Toolbar automates for you:
> 
> https://addons.mozilla.org/en-US/firefox/addon/957


the design point for certificates was first time communication between total
strangers (aka the letters of credit/introduction from sailing ship days).

certificates have also somewhat tried moving into no-value market segment for relying
parties that had no (and/or couldn't cost justify) mechanism for recording information
about other parties they were dealing with. 

by comparison pgp had assumed some mechanism for relying parties being able to 
record information about the parties that they had dealings with. huge number of
infrastructures have had well entrenched infrastructures for recording information
about parties that they dealt with ... it just has been that the authentication
related information (for these infrastructures) have tended to be shared secrets.
many of these infrastructures could have been upgraded from shared secrets
to public key ... w/o having any impact on the business and/or trust models
... and furthermore by the very nature of the existing infrastructures,
the paradigm behind digital certificates wasn't applicable (i.e. digital
certificates being totally redundant and superfluous).

recent thread/posting about it being much more natural for simple upgrade 
of kerberos infrastructure from shared secrets to public key ... w/o the
exorbitant additional overhead and processing introduced by digital
certificates. 
http://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos
http://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos

when we were called in to consult with this small client/server startup
that wanted to do payment transactions on their server ... since then
somewhat has come to be called electronic commerce
http://www.garlic.com/~lynn/subnetwork.html#gateway

one of the technologies they had invented was SSL ... and we had
to do some work on applying SSL to real business processes and also
do some end-to-end audits of the whole series of operations ... including
these things that we calling themselves certification authorities

one of the things that undermined original assumptions applying
SSL to business processes was the whole "click" paradigm ... discussed
in more detail in this recent post
http://www.garlic.com/~lynn/2007q.html#30 

and the assumptions about SSL as countermeasure and the related
threat models.

another aspect of SSL, certification authorities, digital certificates
was the whole issue behind what is met by certification process ... and
what certifications were represented by digital certificates. 

during the initial decade or so of electronic commerce something over
70 percent of the transactions were done by less than 100 websites
(activity is highly skewed) These websites were both well known and 
also carried a lot of repeat business ... invalidating one of the 
original/primary justifications  for having digital certificates. 
so a very few websites did majority of transactions and didn't 
need certification. by comparison, the vast majority of websites
were only doing a very, very few electronic transactions
(especially those involving large percentage of first interaction
between complete strangers) ... and couldn't cost justify 
expensive certification process

the other issue was that (all) merchants were already paying a fairly
hefty "interchange fee" that acted as a form of warranty/insurance
to cover their client/consumers (actually proportional to
the value of the operations). by comparison, the certification
authorities were providing almost no added value ... so except
for pure hype ... there was no real reason for spending
money for additional certification (at least from the standpoint
of electronic commerce) ... which somewhat gave rise to the thread 
about "merchant comfort certificates" in some of the older ssl 
domain name certificate postings
http://www.garlic.com/~lynn/subpubkey.html#sslcert  

a combination of these factors continued to push
PKIs, certification authorities, and digital certificates
more and more into the no-value market segment.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list