Bob, Thanks for your comments!
it seems that you were more addressing the client certs issue, which has received relatively little attention (and relatively little success). Below, I'll comment on the server cert side only. >> We can show this empirically. If you look on the stats >> page for cert numbers, it is pretty clear that certs have >> failed to enter into the mass market, there are a relatively >> tiny 166k certs out there in web sites [1]. Even within >> this small body for certs users, there is a fairly high >> level of poor usage, by the standards of the cert suppliers, >> something well in excess of 50%, see the last table. > > Unfortunately mozilla, which it's shrinking user base, can make only a > small dent in this problem. I'd be interested in where you found out that mozilla is shrinking - are there any stats on that? Stats are always good... (Still, as we are talking about protecting mozilla users, it is irrelevant whether they are a shrinking percentage! They still exist out there, browsing away, as the group to serve.) > If 100% of the mozilla users get certs from > the myriad of free certificate sites that will supposedly be produced, I > doubt it could raise these numbers very much. Mozilla users would then have protected access to these sites. That would make Mozilla a more friendly, more secure and better browser. It would make the sites more secure as they would be more inclined to use certs. Once the effects are noted, I'd expect other browsers and CAs to follow suit. >> So, yes, just on the basis of cost alone, any increase >> in the raw number of certs out there will increase the >> security. And one way to do it is to lower the standard >> for getting certificates. I for one don't see that as a >> bad thing - I prefer to use standards to help me and others, >> not have standards use me for their own arcane purposes. > > This arguement doesn't hold up under scrutiny. We could increase the > number of certs out there to 100 % by having every browser automatically > generate their own self-signed certificates, and trusting any certificate > which is self-signed. Right, that would move all traffic from open, unencrypted to opportunistically encrypted. That would be a huge leap forward in security. > Now you have encryption without identity. Not correct. What you have is encryption to the site that was typed in (or c&p'd or cross- clicked) with the one exception that you are now vulnerable to an MITM. You would have "identity," with a smallish exception. > You know > your credit card transation was sent on a secure channel, you just don't > know to whom it was sent! Suddenly you can proxy SSL sites without the > user knowing. No, you are assuming that an MITM is costless and as common as water. No such world exists. Firstly, MITMs are difficult to organise. Secondly, they are risky, as they leave tracks. Thirdly, MITMs by their filter characteristics are highly targetted attacks (no mass MITMs) so the haul from one is limited to one card at a time. All of these factors combine to make an MITM a rather low risk. No self-respecting credit card thief would dabble in such arcania. > In order for PKI to work certs must have some value I think we are more concerned about protecting browser traffic for the ordinary user than "giving value to PKI and/or certs..." > (or we may as well > just exchange public keys Yes, OpenPGP users swear by this method. Good idea! But, unfortunately, that's not how SSL/ x.509/HTTPS was constructed. See point 12. The notion is to come up with the minimum changes possible to leverage all the underutilised code out there. > -- and let the governments of the world read all > our SSL traffic through their proxied firewalls). Well, governments are another threat, yes. But, they are a very very rare threat, and frankly, they ain't going to be doing any MITMs to the vast majority of their victims. Or, if they are, then they are happy to do a whole lot of other things too, like sneak in and install stuff on your machine, so there isn't much return on investment in worrying over much about them, for the *general* browser user. iang _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
