[Cryptography] SSL Certificates are expiring...

Christian Huitema huitema at huitema.net
Sun Feb 16 21:39:32 EST 2020


On 2/16/2020 9:15 AM, Phillip Hallam-Baker wrote:

>
> The WebPKI design brief was very narrow, I know this because I wrote
> it together with Michael Baum, Warwick Ford. The objective was to make
> shopping online as safe for the customer as shopping in a store. That
> is all. Confidentiality was not a primary concern, that was a
> secondary concern necessitated by the fact that credit card numbers
> are bearer tokens.
>
> The WebPKI was designed as an accountability infrastructure. The goal
> being to ensure that if a merchant did not deliver, there would be
> consequences. The objective was never to prevent the possibility of
> merchant fraud, it was to limit the rate to an unprofitable level.
>
>
> And the system worked so well for the first decade, a lot of arrogant
> sods decided they knew better and could start hacking parts out
> arbitrarily. Like the revocation infrastructure. And then folk decided
> that it was an all purpose confidentiality infrastructure because that
> is the only type of security they can understand.


That's exactly how the organic growth of the Internet works. A
specification is put up with a narrow scope and demonstrates that it
works well in that scope. Since it works well, it gets adopted widely and
the scope of application exceeds the initial design. At which point
additional work happens until the new version meets the extended scope.
Repeat. This is true for pretty much every standard including TCP
itself, which went from working on kilobit links in the 70's to multi
Gigabit links now, and in the process acquired a bunch of features like
congestion control, selective acknowledgements, time stamps, wide
windows and many more. It is obviously true of SSL and then TLS. And it
is also true of the certificate infrastructure, with stuff like CT
grafted on top of PKI. Experience shows that standards developed that
way are really hard to replace. You would think that a shiny new feature
will ensure replacement of the old crumpy stuff by the new one, but
generally the answer is just to add a slightly less shiny replacement
feature to that old stuff.

Unless you are Google or the Chinese Communist Party, of course. Google
has managed to develop an alternative to TCP with Quic, and they could
do that because the Chrome browser and the various Google services have
a huge market share. Even so, the transition has been going on since
2013, and we might finally get a standard this summer. It takes time.
The Chinese Communist Party is trying something similar with their "New
IP" initiative, aiming at replacing the current Internet standard by one
in which the identity of every user could be verified and their
activities observed from within the network. They may succeed because in
the process they invested huge diplomatic efforts to get votes in the
ITU, and built a pretty solid industrial base with Huawei, and they plan
working on it until 2030. But if you are not one of the mega corporate
powers or one of the dominant nation states, your odds of success are
much lower.

-- Christian Huitema

