Perry E. Metzger writes:
> All major browsers already trust CAs that have virtually no security to
> speak of,

...and trust any of those CAs on any (TCP) connection in the (web app) session. Even if your first connection was authenticated by the right CA, the second one may not be. Zusmann and Sotirov suggested "SSL pinning" (like DNS pinning, in which the browser caches the DNS response for the rest of the browser process' lifetime), but as far as I know browsers haven't implemented the feature.

A presentation I've given at a few security gatherings may be of interest. I cover some specific security, UI/UX, and policy problems, as well as some general observations about incentives and barriers to improvement. Our overall recommendation is to emulate the success of SSH, but in a browser-y, gentle-compliance-with-the-status-quo-where-safe way.

https://docs.google.com/present/view?id=df9sn445_206ff3kn9gs

Eckersley's and Burns' presentation at Defcon (coming right up) will present their findings from a global survey of certs presented by hosts listening on port 443. Their results are disturbing.

Ivan Ristic is also presenting his results of a survey at Black Hat on the 29th. I don't know anything about his findings.
