On 02/07/2012 11:51 AM, Ben Laurie wrote:
The security argument itself seems very weak. There is no evidence yet that
the alternative strategy that Google proposes, namely letting them control
the CRL list (and thus another part of the internet infrastructure), is any
safer for the user in the long run.
The point is that using this mechanism means Chrome always has an
up-to-date revocation list - as it is now, revocation checking can be
blocked and Chrome will allow revoked certs as a result.
I understood that, but that's just a story, not evidence. A meaningful
analysis will not focus on a single story (Schneier's "Hollywood
plots"), but look at the issue from all angles and include some real data.
Certainly the privacy concern that Google expresses "because the CA learns
the IP address of users and which sites they're visiting" does not extend to
Google itself, which already has much more detailed information about its
users.
Since it is a push mechanism, Google does not get which sites the user
is visiting.
As written, that is a very misleading statement. It's true that they
don't get that data through the CRL mechanism. But they still know
which sites the user is visiting from several other mechanisms. Google
Chrome sends every letter typed into the URL or search box to Google
Search, and Google Analytics keeps track in the background when you are
not typing but navigating. And that's just scratching the surface of
the tracking and aggregation they are already doing. On top of that,
they can always turn the data mining screw if they need to.
That's not surprising of course (once you consider security economics),
as a browser with strong privacy measures would undermine Google's
business model and thus be a negative value proposition. In contrast,
for a CA it's the smarter business move to protect the privacy of the
data collected. The incentives are clear here and not in Google's
favor. The privacy argument is a red herring, and Google raising it is
hypocritical.
Thanks,
Marcus
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
