Eddy Nigg (StartCom Ltd.) wrote:
Lesson 3: Not remembering certs and warning when they change is a
security risk (contrast to SSH model)
Eddy's proposal was about 1. 3 needs to be solved, too, but it's
harder and I'll save that for a later proposal.
As we discussed the "SSH model" previously, I think to mention a few
things here. Since most web site owners, after the expiry of the
certificate create a new one for their site, a regular visitor would
receive about once a year a warning that the public key changed.
That of course *must* not happen and is exactly why I said "it's
harder". As you said, there may be solutions, but they would probably
involve CAs and their subscribers, i.e. "harder". It's not subject of
this proposal, so let's not discuss this here.
--
When responding via mail, please remove the ".news" from the email address.
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
