Fixing SSL (was Re: Dutch Transport Card Broken)
Thierry Moreau
thierry.moreau at connotech.com
Thu Jan 31 10:08:55 EST 2008
Philipp Gühring wrote:
> Hi,
>
>
>>SSL key distribution and management is horribly broken,
>>with the result that everyone winds up using plaintext
>>when they should not.
>
>
> Yes, sending client certificates in plaintext while claiming that SSL/TLS is
> secure doesn´t work in a world of phishing and identity theft anymore.
>
> We have the paradox situation that I have to tell people that they should use
> HTTPS with server-certificates and username+password inside the HTTPS
> session, because that´s more secure than client certificates ...
>
> Does anyone have an idea how we can fix this flaw within SSL/TLS within a
> reasonable timeframe, so that it can be implemented and shipped by the
> vendors in this century?
>
> (I don´t think that starting from scratch and replacing SSL makes much sense,
> since it´s just one huge flaw ...)
>
If I recall correctly, SSL was designed chronologically after ISO OSI
Network-Layer Security Protocol (yes, the official WAN was actually X.25
at one point) or Transport Layer Security Protocol, both in their
connection-oriented flavor, which used ideas originating from DecNET
designs (researcher names Tardo, Alagappan; I once had a patent number
in this thread of protocol engineering, but I lost it). Anyway, the key
point in these visionary ideas is that the D-H exchange occurs *before*
the exchange of security certificates. This provided the traffic-flow
confidentiality that becomes desirable to protect privacy these days.
So, you got your fix with OSI NLSP or TLSP, you just have to overcome
the *power of the installed base*!
Regards,
--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, Qc
Canada H2M 2A1
Tel.: (514)385-5691
Fax: (514)385-5900
web site: http://www.connotech.com
e-mail: thierry.moreau at connotech.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list