[Cryptography] SSL Certificates are expiring...
Bill Frantz
frantz at pwpconsult.com
Tue Feb 18 21:47:00 EST 2020
On 2/16/20 at 12:15 PM, phill at hallambaker.com (Phillip
Hallam-Baker) wrote:
>>For the web, I would like to have my trust anchor for a site be
>>through a key it controls, not a CA. When I go to a site using a
>>CA as a trust anchor, I will keep my financial and secret data
>>exposure low until I have some transaction experience. I want to
>>know I'm talking to the same site I was talking to when I
>>developed the trust I have, not a intruder site attested to by
>>an untrustworthy TTP. (Do browsers still have over 80 trust anchors?)
>>
>
>The flaw in the WebPKI is that the design brief really calls for an
>introduction scheme and TLS is configured as a transaction authentication
>scheme. That is in part a consequence of not having the tools at the time
>to make an introduction scheme portable across browsers and hosts. It is
>also a consequence of the fact that a merchant does not necessarily defect
>immediately and it takes time for defection to be observed. Oh and the fact
>that many Web sites are incapable of managing PKI with the fidelity
>required for pinning trust anchors.
Defecting is, as far as I know, an unsolved problem. Back in the
early 1960s, when the US offered strong protection to the
official importers of foreign goods, there was a company in Hong
Kong which mail ordered Japanese cameras to the US for about 1/2
price. When I ordered a Nikon F from them, I got the camera in a
package shipment, and the nameplate arrived in a first class
letter. (The US importer owned the name "Nikon".)
About a year later, they continued to collect orders, but
stopped shipping. Then they completely disappeared, having
cached in their reputation capital.
>>I think we have the current system because that was the only
>>system people could build a business model around, and that the
>>need to support that business model was reflected in
>>contributions to the standards bodies.
>>
>
>The RSA and DH patents expired in the 90s, there was plenty of opportunity
>to propose something different.
>
>The problem is path dependence, not some conspiracy. We could have adapted
>TLS for IoT devices really easily, just make use of self signed certs
>painless. I suggested that on a half dozen occasions and it never happened.
What I meant by business models is the certificate authorities.
They make good money based on their monopoly of being listed in
major browsers as trust roots. As far as I can tell, the WebPKI
model is the only model that provides this kind of niche to
build a business.
BTW, I'm not sure that you can get a protocol adopted with out a
business model which will allow companies to make money.
Cheers - Bill
------------------------------------------------------------------------
Bill Frantz |"Insofar as the propositions of mathematics
refer to
408-348-7900 | reality, they are not certain; and insofar
they are
www.pwpconsult.com | certain, they do not refer to reality.”
-- Einstein
More information about the cryptography
mailing list