[Cryptography] distrusted root CA: WoSign
Stephen Farrell
stephen.farrell at cs.tcd.ie
Sun Oct 2 14:55:18 EDT 2016
Hiya,
On 01/10/16 23:02, Ben Laurie wrote:
> On 1 October 2016 at 10:12, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
> wrote:
>> John Denker <jsd at av8n.com> writes:
>>
>>> In general, why do we put up with this? Why, why, why?
>>
>> Because we have no choice. What are you going to do in order to
>> opt out, stop using the web? It's a totally captive market.
>>
>> Note that things are run by the CA/Browser forum, not the
>> CA/Browser/web site operator/end user/customer forum. The only
>> people with a say in things are the ones who are making money off
>> the whole racket, and they aren't going to do anything to change
>> the status quo.
>
> I am so sick of this lame rhetoric.
While I agree that Peter's rhetoric is a bit OTT, there is a real
issue reflected in the above - the lack of any voice for users of
browsers, web server developers and content authors is IMO a real
reason to be somewhat wary of CAB forum. I don't know that there
are any moves to improve that situation, though of course there may
be.
> What is your proposed solution? Put up or shut up.
>
> More polite version: yes, it is a hard problem, but how do you solve
> it without some kind of central authority? On what basis can the end
> user validate a certificate, other than some authority doing it on
> their behalf? Of course I think that adding transparency to those
> authorities is a major win, but other than that, where do you go?
> Alternatives like DANE are just shuffling the deck chairs on the
> Titanic.
What Viktor said.
> What can you do that is radically better than CAs + transparency?
That is a fine question. I've not seen any good answers myself in
the last 20 years which is a shame. I have seen many proposals for
things that are a little better than X.509-based PKI, but none of
them that were sufficiently better to displace the current, wildly
imperfect, X.509-based PKI.
I do think CT is an improvement though, and in the longer term may
point to other solutions involving large databases of public keys.
But I've yet to see one of those that might really take hold.
S
> _______________________________________________ The cryptography
> mailing list cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3840 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161002/bc38f8e7/attachment.bin>
More information about the cryptography
mailing list