Nelson B wrote: > Ben, (and others who think SSH is the answer):
Nelson, I wonder if you misunderstand what people are saying. I know this is a tough ask, most people who have spent much of the last decade working on SSL security systems also take any criticism of the whole SSL thing as an unwarranted attack. Nobody is saying that "SSH is *the* answer." And, nobody is saying that the CA system be disabled, or dismantled or disposed of. Nobody is suggesting that the lines of code that people have slaved over are to be wasted or thrown away. Also, nobody is saying "we should get rid of all the CAs." There is no change to the crypto protocols mooted, no reduction in the information available to the user, and no reduction in their choices. What instead people *are* saying is that CAs aren't the only way to do security, and that SSH offers a successful example of another way. What is being proposed is not less CA certs, but more CA certs. CAs are needed by some people, but not by all people. There shouldbe more information for users describing the real details on the cert, rather than a bland and tiny lock symbol that we all agree is ignored. > Live with what you propose. No cheating. Then after 90 days, come back > and tell me you never needed any CAs to do anything. Tell us how many > calls you had to make to get fingerprints. Tell us how many times you > wanted to visit a web site but found that the cert was untrusted. > Tell us how much better that was than with CAs. People do this all the time over HTTP. ... > When you and numerous others can honestly tell us that's better, THEN > maybe mozilla should start to consider that approach. This is why I keep my ear to the ground for any data about MITMs. There is very little. There is the one story I heard on this group, relating to a credit card on a student campus, and then there a few stories from other protocol areas (one email story, and one other, can't recall right now). This allows me to claim - honestly - that MITM is not the threat that you think it is. I can't prove it because there is an absence of information. But, I can show - honestly - that credit cards do not in general get stolen over HTTP(S), because the card issuers know of few or no cases, even though there are large numbers of merchants that use HTTP and email for transmission of credit card info. They get stolen by hackers and inside thefts, because crooks can count and they understand the risks. Now, can you honestly tell us that phishing is not a threat, and Mozilla shouldn't respond to it? Phishing is a direct attack on the browser's security model, and it breaches it very nicely. Your favourite bank has been attacked by phishing (if it is of any size and is in the USA, that is, you can look it up on the antiphishing.org site). Your favourite bank is suffering because what was supposed to be secure, isn't. Phishing is addressed by the sort of measures we have proposed, which you think to be bad. So, honestly, what do have to do to get Mozilla to start considering improving security to cope with the threats that are today breaching the security model? > In the meantime, the issue before mozilla foundation is to choose new > CAs for admission to the list of trusted CAs. > I'm all for open discussions, in the newsgroups, where they belong. We're ok, then. The point of discussing the CA admission policy within the realms of a wider security discussion is that without an understanding of the "one size fits all" CA bug, any policy is ... as good as the next. If however, the "one size fits all" issue can included in the discussion, then a policy can be created that a) makes sense in the face of the bug, and b) aims at a suitable point when the bug can be addressed in the security model. (All of which can be done without disabling certs.) iang _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
