[Cryptography] distrusted root CA: WoSign
Ben Laurie
ben at links.org
Mon Oct 3 01:10:26 EDT 2016
On 2 October 2016 at 19:55, Stephen Farrell <stephen.farrell at cs.tcd.ie> wrote:
>
> Hiya,
>
> On 01/10/16 23:02, Ben Laurie wrote:
>> On 1 October 2016 at 10:12, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
>> wrote:
>>> John Denker <jsd at av8n.com> writes:
>>>
>>>> In general, why do we put up with this? Why, why, why?
>>>
>>> Because we have no choice. What are you going to do in order to
>>> opt out, stop using the web? It's a totally captive market.
>>>
>>> Note that things are run by the CA/Browser forum, not the
>>> CA/Browser/web site operator/end user/customer forum. The only
>>> people with a say in things are the ones who are making money off
>>> the whole racket, and they aren't going to do anything to change
>>> the status quo.
>>
>> I am so sick of this lame rhetoric.
>
> While I agree that Peter's rhetoric is a bit OTT, there is a real
> issue reflected in the above - the lack of any voice for users of
> browsers, web server developers and content authors is IMO a real
> reason to be somewhat wary of CAB forum. I don't know that there
> are any moves to improve that situation, though of course there may
> be.
Users have a voice, as Peter well knows, at least in Mozilla's
selection and vetting of CAs. Microsoft and Apple could do the same
thing.
>> What is your proposed solution? Put up or shut up.
>>
>> More polite version: yes, it is a hard problem, but how do you solve
>> it without some kind of central authority? On what basis can the end
>> user validate a certificate, other than some authority doing it on
>> their behalf? Of course I think that adding transparency to those
>> authorities is a major win, but other than that, where do you go?
>> Alternatives like DANE are just shuffling the deck chairs on the
>> Titanic.
>
> What Viktor said.
I already responded to Viktor.
>> What can you do that is radically better than CAs + transparency?
>
> That is a fine question. I've not seen any good answers myself in
> the last 20 years which is a shame. I have seen many proposals for
> things that are a little better than X.509-based PKI, but none of
> them that were sufficiently better to displace the current, wildly
> imperfect, X.509-based PKI.
>
> I do think CT is an improvement though, and in the longer term may
> point to other solutions involving large databases of public keys.
> But I've yet to see one of those that might really take hold.
Err ... CT?
More information about the cryptography
mailing list