[Cryptography] SSL Certificates are expiring...

Bill Frantz frantz at pwpconsult.com
Tue Feb 18 21:47:00 EST 2020 

On 2/16/20 at 12:15 PM, phill at hallambaker.com (Phillip 
Hallam-Baker) wrote:

>>For the web, I would like to have my trust anchor for a site be
>>through a key it controls, not a CA. When I go to a site using a
>>CA as a trust anchor, I will keep my financial and secret data
>>exposure low until I have some transaction experience. I want to
>>know I'm talking to the same site I was talking to when I
>>developed the trust I have, not a intruder site attested to by
>>an untrustworthy TTP. (Do browsers still have over 80 trust anchors?)
>>
>
>The flaw in the WebPKI is that the design brief really calls for an
>introduction scheme and TLS is configured as a transaction authentication
>scheme. That is in part a consequence of not having the tools at the time
>to make an introduction scheme portable across browsers and hosts. It is
>also a consequence of the fact that a merchant does not necessarily defect
>immediately and it takes time for defection to be observed. Oh and the fact
>that many Web sites are incapable of managing PKI with the fidelity
>required for pinning trust anchors.

Defecting is, as far as I know, an unsolved problem. Back in the 
early 1960s, when the US offered strong protection to the 
official importers of foreign goods, there was a company in Hong 
Kong which mail ordered Japanese cameras to the US for about 1/2 
price. When I ordered a Nikon F from them, I got the camera in a 
package shipment, and the nameplate arrived in a first class 
letter. (The US importer owned the name "Nikon".)

About a year later, they continued to collect orders, but 
stopped shipping. Then they completely disappeared, having 
cached in their reputation capital.


>>I think we have the current system because that was the only
>>system people could build a business model around, and that the
>>need to support that business model was reflected in
>>contributions to the standards bodies.
>>
>
>The RSA and DH patents expired in the 90s, there was plenty of opportunity
>to propose something different.
>
>The problem is path dependence, not some conspiracy. We could have adapted
>TLS for IoT devices really easily, just make use of self signed certs
>painless. I suggested that on a half dozen occasions and it never happened.

What I meant by business models is the certificate authorities. 
They make good money based on their monopoly of being listed in 
major browsers as trust roots. As far as I can tell, the WebPKI 
model is the only model that provides this kind of niche to 
build a business.

BTW, I'm not sure that you can get a protocol adopted with out a 
business model which will allow companies to make money.

Cheers - Bill
------------------------------------------------------------------------
Bill Frantz        |"Insofar as the propositions of mathematics 
refer to
408-348-7900       | reality, they are not certain; and insofar 
they are
www.pwpconsult.com | certain, they do not refer to reality.” 
-- Einstein

More information about the cryptography mailing list