A mighty fortress is our PKI

Chris Palmer chris at noncombatant.org
Tue Jul 27 00:22:39 EDT 2010


Perry E. Metzger writes:

> All major browsers already trust CAs that have virtually no security to
> speak of,

...and trust any of those CAs on any (TCP) connection in the (web app)
session. Even if your first connection was authenticated by the right CA,
the second one may not be. Zusman and Sotirov suggested "SSL pinning" (like
DNS pinning, in which the browser caches the DNS response for the rest of
the browser process' lifetime), but as far as I know browsers haven't
implemented the feature.

A presentation I've given at a few security gatherings may be of interest. I
cover some specific security, UI/UX, and policy problems, as well as some
general observations about incentives and barriers to improvement. Our
overall recommendation is to emulate the success of SSH, but in a browser-y,
gentle-compliance-with-the-status-quo-where-safe way.

https://docs.google.com/present/view?id=df9sn445_206ff3kn9gs

Eckersley's and Burns' presentation at Defcon (coming right up) will present
their findings from a global survey of certs presented by hosts listening on
port 443. Their results are disturbing.

Ivan Ristic is also presenting his results of a survey at Black Hat on the
29th. I don't know anything about his findings.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
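
A sketch of the session-scoped "SSL pinning" idea mentioned in the message above, as an added example that is not part of the original post or of any browser's code. It assumes the pin is the pair (issuing CA key, leaf key) recorded after normal chain validation has already succeeded; the class name, return labels and sample bytes are hypothetical.

```python
import hashlib
from dataclasses import dataclass, field


def fingerprint(der_bytes: bytes) -> str:
    """SHA-256 over the DER bytes of a public key (SPKI)."""
    return hashlib.sha256(der_bytes).hexdigest()


@dataclass
class SessionPinStore:
    """In-memory pins that live only as long as the process, like DNS pinning."""
    pins: dict = field(default_factory=dict)  # host -> (issuer_fp, leaf_fp)

    def check(self, host: str, issuer_spki: bytes, leaf_spki: bytes) -> str:
        # Assumption: the caller has already done ordinary CA chain validation.
        seen = (fingerprint(issuer_spki), fingerprint(leaf_spki))
        host = host.lower().rstrip(".")   # normalise case and trailing dot
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = seen        # first connection: pin what was accepted
            return "pinned"
        if pinned == seen:
            return "match"
        if pinned[0] == seen[0]:
            return "leaf-changed"         # same CA, different leaf key
        return "issuer-changed"           # a different CA vouches mid-session


# Constructed placeholder bytes standing in for DER-encoded public keys.
CA_A, CA_B = b"constructed-ca-a-spki", b"constructed-ca-b-spki"
LEAF_1, LEAF_2, LEAF_3 = b"constructed-leaf-1", b"constructed-leaf-2", b"constructed-leaf-3"


def demo() -> list:
    """Four connections to one host within a single session."""
    store = SessionPinStore()
    return [
        store.check("example.test", CA_A, LEAF_1),
        store.check("EXAMPLE.test.", CA_A, LEAF_1),
        store.check("example.test", CA_A, LEAF_2),
        store.check("example.test", CA_B, LEAF_3),
    ]


if __name__ == "__main__":
    print(demo())
```

What to do on "leaf-changed" or "issuer-changed" (warn, block, or re-pin) is a policy choice the post does not specify.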


