I have left a lot of your posts unanswered as I could have gone on for ages, but I couldn't let this one slip.
What is your criteria for comparing the respective success of SSH and SSL ? I bet the later gets used by a heck of a lot more people every day, and it is supported by many more programs.
This is a very good question. My original stab was here:
http://iang.org/ssl/how_effective.html
which suggested that HTTPS was not successful, at least by the one single measure of how many HTTP servers sought to use SSL (about 1%). This is one area where SSH, for example, shines, as it dominates the alternate of telnet within the Unix world.
Of course, many other measures are possible. Design wins, mindspace, etc, are areas where SSL is successful over SSH. Ease of use at the implementation and setup level is one area where SSH dominates over SSL.
A particularly interesting area is to measure how successful these protocols are against real attacks, which of course is fraught with complications, as real attacks are hard to research.
Then, as you suggest, how many usages (per day) and how many users - that I simply don't know, and it would take some ISP or router stats to work that out. E.g., what's the relative count of sessions on ports 22, 443, although there are many complications in those sorts of simple counts.
You are free to use any proprietary security protocol you want, including a home built-one or double ROT13 . Nobody is forcing you to use SSL/TLS for your own applications.
As of a year ago, a lot of people would have disagreed with that. In fact, in mid 2003, a group of allegedly respectable crypto people hounded Tom (of libtomcrypt fame) for presenting an alternate to SSL, on more or less the grounds that it wasn't SSL.
Eventually, to quell the complaints, Tom withdrew the protocol. The crypto field is the poorer for this, as it is a fairly consistent observation that SSL/TLS libraries are not the easiest things to use.
However, Tom's bruising may have had benefits, as those same people are now rethinking the notions of "if it's not SSL, it's evil" [1]. Especially as the whole phishing thing arises, and as the stats on low HTTPS cert usage sink in.
Obviously most businesses and financial institutions don't agree with your approach, as they prefer to use the open and very popular SSL/TLS protocol, which is supported by a host of programs from many sources, commercial and free, rather than reinvent the wheel and start from scratch as you advocate.
Like I say, there's no fun in singing with the choir :-) Frankly, those businesses and financial institutions either don't know whether they are secure or not, and when they find out that they are insecure, they are indeed forced to reinvent the wheel. There is an awful lot of circular engineering going on, it's just not going on in terms of "replace SSL with LSS." More, it's going on in terms of examining the entire security and threat space.
One of the often stated goals of the NSS library is to support this SSL protocol, for the now-defunct Netscape client, the Mozilla client, some other AOL clients, the Sun/iPlanet servers, and incidently anyone else who wants a free source implementation of that protocol.
Supporting proprietary security protocols is not one of the stated goals of NSS, or of Mozilla .
Perhaps I should have clarified - this entire thread was not necessarily oriented to the NSS library, which I agree has more strict goals that might be closer to "just SSL support." [2]
I also am mostly interested in improving the security of Mozilla in the face of threats that are documented, costly, and continuous, but are otherwise ignored by the crypto people everywhere.
I.e., phishing. To that end, with some minor tweaks of HTTPS and the way Mozilla deals with users, I think it is possible to reduce phishing to a dull roar. I don't know any other way to address it though, without looking squarely at HTTPS and the browser.
iang
[1] There is a wider debate going on within the crypto field as to the way in which crypto people - cryptographers and cryptoplumbers - should interface with the apps world. As there is a wider debate as to whether we as a security field know what we are doing...
In some senses, there are claims of success in the past; I find those claims to be without much founding, and where the claims are examined, they tend to be based on the hype and press of corporate campaigns, and some expert's opinion, as taught by another expert, which latter expert go from a book, which has since been recanted.
Rather than hard evidence and/or measurable protection.
So, the debate is also trying to address what it was that really worked in the past. And, it's a surprisingly difficult question, and also an uncomfortable one, as more and more, it seems to suggest that SSH worked, and HTTPS did not.
[2] Hence, the answer to the original question in the Subject line is probably "not here, sorry".
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
