[Cryptography] Preliminary review of the other Applied Cryptography
ianG
iang at iang.org
Fri Apr 11 17:09:42 EDT 2014
On 11/04/2014 13:17 pm, Viktor Dukhovni wrote:
> [ HTTPS libraries would need a configurable switch to choose between
> PKIX-style TLSA and non-PKIX DANE-only TLSA records. The switch
> would be set by default to match general-purpose browser policy,
> whatever that might be. Here we run into some major philosophical
> obstacles.
This question:
> Is it the job of TLS certificates to ensure that you're
> connected to whichever server you asked to connect to, or is it to
> protect you from your own folly when you visit the websites of
> typo-squatters, phishers, ... The presumed value-add of PKIX EV
> validation rests I believe on the premise that users need protection
> from themselves as much or more than from MiTM attackers, and that
> it is the job of browser TLS to address this problem. ]
I really doubt the latter choice, I'd be pretty sure we get the former
choice, and even that is suspect.
Althought EV was started because of this question, the result was not to
answer it. I do not recall anything from EV documents that spoke to
actually taking on liabilities. CAs will not at any time disavow your
misinterpretation, nor will they at any time take on any liability that
isn't easily dumped to another party. It's just not the business they
are in.
iang
More information about the cryptography
mailing list