On Sat, Jan 5, 2013 at 1:26 PM, Peter Gutmann <[email protected]> wrote:
> In the light of yet another in an apparently neverending string of CA
> failures, how long are browser vendors going to keep perpetuating this PKI
> farce? [0]. Not only is there no recorded instance, anytime, anywhere, of a
> browser certificate warning actually protecting users from harm [1],

This is patently incorrect: Diginotar were caught by a browser warning.

> but the
> blind faith that browsers place in certificates is actively harming users when
> things fail, as they have again and again and again.
>
> Users, or at least technical ones with enough knowledge to understand the
> issues, have completely lost faith in browser PKI. If you look at discussion
> threads on technical forums [2], browser PKI is seen purely as something to
> roll your eyes at, to make jokes about. No-one (and as before that's with an
> implied "who understands the details") has any faith in it any more.
>
> The total inability and/or unwillingness of the browser vendors to respond to
> this and provide real security measures that don't involve simply changing the
> silly-walk they do with certificates and continuing as before

Certificate Transparency is a real security measure that is a response by a
browser vendor.

> is not only not
> helping users in any way, it's actively harming them, and users are aware of
> this.
>
> Browsers may as well turn off all their PKI-related code and just use anon-DH
> for everything, which would be safer than the current false-sense-of-security
> silly-walk they're doing, not to mention saving tens (hundreds?) of millions
> of dollars paid to commercial CAs by sites wanting to disable the browser
> warnings.
>
> Browser PKI costs a fortune to run, it doesn't protect users from anything the
> attackers are doing, and at worst it actively endangers them. If it was a
> commercial good, RAPEX would have it withdrawn [3].
>
> Peter.
>
> [0] I mean "farce" in its theatrical sense here, "unlikely, extravagant, and
> improbable situations [...] highly incomprehensible plot-wise (due to the
> large number of plot twists and random events that often occur) [...] Farce is
> also characterized by [...] the use of deliberate absurdity or nonsense, and
> broadly stylized performances" (from Wikipedia, which has a more detailed
> definition than e.g. the OED).
>
> [1] See "So Long, And No Thanks for the Externalities: The Rational Rejection
> of Security Advice by Users", Cormac Herley.
>
> [2] And I realise the likes of Slashdot aren't the best of them, but it's the
> most accessible and has the most participants, so it's a quick way to gauge
> public opinion.
>
> [3] "RAPEX is the EU rapid alert system that facilitates the rapid exchange of
> information between Member States and the Commission on measures taken to
> prevent or restrict the marketing or use of products posing a serious risk to
> the health and safety of consumers".
> _______________________________________________
> cryptography mailing list
> [email protected]
> http://lists.randombit.net/mailman/listinfo/cryptography
