[Cryptography] distrusted root CA: WoSign

ianG iang at iang.org
Sun Oct 2 18:14:39 EDT 2016


On 2/10/2016 20:55 pm, Stephen Farrell wrote:
>
> Hiya,
>
> On 01/10/16 23:02, Ben Laurie wrote:
>> On 1 October 2016 at 10:12, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
>> wrote:
>>> John Denker <jsd at av8n.com> writes:
>>>
>>>> In general, why do we put up with this?  Why, why, why?
>>>
>>> Because we have no choice.  What are you going to do in order to
>>> opt out, stop using the web?  It's a totally captive market.
>>>
>>> Note that things are run by the CA/Browser forum, not the
>>> CA/Browser/web site operator/end user/customer forum.  The only
>>> people with a say in things are the ones who are making money off
>>> the whole racket, and they aren't going to do anything to change
>>> the status quo.
>>
>> I am so sick of this lame rhetoric.
>
> While I agree that Peter's rhetoric is a bit OTT, there is a real
> issue reflected in the above - the lack of any voice for users of
> browsers, web server developers and content authors is IMO a real
> reason to be somewhat wary of CAB forum. I don't know that there
> are any moves to improve that situation, though of course there may
> be.


Peter's rhetoric is actually a bit soft.  No security protocol can be 
analysed outside the context of the users and institutions who field it.
The real place any change is blocked is CA/B Forum, the browsers, the
IETF, the CAs, the auditors and the software creators, all of whom are 
locked in a deadly embrace.  And they like it that way, the incumbent 
people within are mostly not volunteers as we might imagine in the open 
source world, but instead are employed and paid to promote the model.

So why would they change?

CAB Forum was born in darkness, and grew in darkness.  They didn't open 
it up until after they had laid down a new framework for standards that 
locked in the old model even tighter.  Even when they opened it up, 
after two or three years of secret policy preparation, they carefully 
made sure that no open or outside or user-oriented voice would be able 
to change things.


>> What is your proposed solution? Put up or shut up.


This reminds me of the "where's your patch?" rhetoric.  The problem with 
this lazy slap down is that a person could spend months writing a patch 
and have it rejected.  It is pretty clear for example that if we send in 
a patch for Chrome to implement say Jerry's idea or any of 100 ideas 
proposed, it would go nowhere.

This doesn't mean you're wrong.  You could be right.  But the difference 
between that and building the franchise, locking out others, is nothing.


>> More polite version: yes, it is a hard problem, but how do you solve
>> it without some kind of central authority? On what basis can the end
>> user validate a certificate, other than some authority doing it on
>> their behalf? Of course I think that adding transparency to those
>> authorities is a major win, but other than that, where do you go?
>> Alternatives like DANE are just shuffling the deck chairs on the
>> Titanic.
>
> What Viktor said.


PKI is a tribe.  There is no way to change it.  And it is totally 
pointless to even talk to the tribe about their religion.

The only thing that can be done is to bypass it.  Totally.


>> What can you do that is radically better than CAs + transparency?
>
> That is a fine question. I've not seen any good answers myself in
> the last 20 years which is a shame. I have seen many proposals for
> things that are a little better than X.509-based PKI, but none of
> them that were sufficiently better to displace the current, wildly
> imperfect, X.509-based PKI.


They will never displace.  Any sufficiently good technology (and there 
are a few) will not displace PKI-secured browsing but bypass it and 
create an entirely new system.


> I do think CT is an improvement though, and in the longer term may
> point to other solutions involving large databases of public keys.
> But I've yet to see one of those that might really take hold.


CT is making its mark.  What is poignant is that it took a company with
Google's resources and position to do it.  The notion that even Google
had to work hard at it puts the lie to the notion that anyone less
could make changes.



iang

