Duane wrote:
Nelson Bolyard wrote:
Let us suppose for this discussion that, within the next 90 days,
cacert.org gets into the trusted certs list, and consequently,
(If I understand what cacert.org is offering) you can then get a
legitimate SSL server cert from a trusted CA for free.
Why then would you continue to want or need to issue your own
server certs?
Cost. The CACerts that are above and are free
are only costless in terms of dollars sent to
Duane. There is still the cost of setting up
the server. What the server should do is start
up and generate its own self-signed cert on
install time, so it's up and running straight
away. That's free to the server operator, or,
it's indistinguishable in cost to the installation
of SSL server in the first place.
However, getting a cert from CACert or from any
where will always require some degree of mucking
around in protocol, and also in selection. As
browsers start to show that info to the users,
that will also create a draw up from self-signed
to "cheap and free" CAcerts, and then up to ones
with real due diligence applied.
Duane, I'd like to know your answer to this question, too.
You are, after all, trying to get into the trusted CA list.
If you succeed, why would you champion a UI policy that obviates
your service?
My comments have been to the effect the system is broken but nothing
better is being suggested... I don't think self signed or pgp styled
systems would even work large scale as well as the current CA based
system. For example I don't see how some person in the middle of Africa
would be able to build up a trust network that would extend to the
middle of South America, yet based on the sheer number of people that
exist I'm sure this very situation is happening at present... Even if it
is only the Nigerians trying to get 20 or whatever your site says you
sell and are more then happy to provide credit card details for the
purchase...
I'm not sure it is easy to graft WoT onto
SSL. For a start, x.509 doesn't support
multiple sigs on the certs. Secondly, there
is way too much assumption and infrastructure
out there assuming the one model. Thirdly,
WoT assumes a "web" and that's not really in
place with www, in the WoT sense, for browsing
(although it might be for S/MIME). Still,
there are a bunch of proposals out there...
My only other comment on this was the fact I wouldn't risk my life based
on PKI, don't get me wrong here it's not the technology I have doubts
about. Happy to use it to protect my credit card transactions, my pop3
connections hiding my password, my smtp connections and even my webmail,
however I wouldn't be happy to be a martyr for companies getting rich
from selling certificates who could be coerced into breaching trust, or
solely setup for the purpose of breaching if/when it was needed...
I've not heard of the dissident world trusting
certificates with lives, they mostly are rather
worried about the security model for browsing
and assume it has to be reworked. For example,
they have to assume that the machines - both
ends - have been tampered with, unless they
can prove otherwise. Now, as it happens, this
assumption completely breaks the SSL security
model, as documented, because the assumption
is "the network is untrusted, and the nodes
are trusted." But, the dissident guys (e.g.,
cryptorights.org) don't really care if the
security work was duff, they are more keen on
using what they can at a reasonable cost.
iang
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
