Ben Laurie <[email protected]> writes:

>On Sat, Jan 5, 2013 at 1:26 PM, Peter Gutmann <[email protected]> wrote:
>> In the light of yet another in an apparently neverending string of CA
>> failures, how long are browser vendors going to keep perpetuating this PKI
>> farce? [0]. Not only is there no recorded instance, anytime, anywhere, of a
>> browser certificate warning actually protecting users from harm [1],
>
>This is patently incorrect: Diginotar were caught by a browser warning.

Well, we think that at least one user was. We definitely know that 300,000 others weren't. That's hardly a triumph of browser PKI.

Let's look at the figures in more detail. There are around a billion users of the Internet. Let's say that they go to two SSL-enabled sites a day, probably a lower bound but it's just a back-of-the-envelope thing. That's two billion uses of browser PKI a day, let's call it roughly a trillion a year. SSL has been around in significant volume for, say, about 15 years, so that's 15 trillion uses. The number of people who reported being warned about the Diginotar cert was, say, a dozen or so, and of that we don't know how many ignored the warning and clicked through anyway, as they've been conditioned to do. There are figures from an earlier invalid-cert case in which exactly one user out of 300 was turned back by the warning, but let's be generous and say it was two users who were turned away. So out of 15 trillion uses of browser PKI, two worked to protect users. In other words it has an effectiveness rate of one in seven trillion. That pretty much makes browser PKI the homeopathy of security.

>Certificate Transparency is a real security measure that is a response by a
>browser vendor.

So the response to the repeated failure of browser PKI is PKI-me-harder. Yeah, that's really going to make users safer.

Peter.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
