Duane wrote:
I lost track of the number of people telling me how they stripped their browsers bare of almost all CAs except for Verisign and one or two others because they simply don't trust all CAs firefox/mozilla says they should trust...
People do that? Hmmm... as you wrote this, Steve Bellovin (a well known crypto guy) posted this over on the cryptography list:
-------- Original Message --------
Subject: Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
Date: Thu, 10 Feb 2005 18:24:46 -0500
From: Steven M. Bellovin <[EMAIL PROTECTED]>
In message <[EMAIL PROTECTED]>, Amir Herzberg writes:
Steve, my point was not the trivial fact that TrustBar would not display the homograph; suppose it did... even then, the user is _asked_ about the certificate, since it was signed by an unusual CA that the user did not specify as `to be trusted always`; this should certainly be a good warning for most users (and of course, a good situation to check for tricks such as homographs...).
And even if some user allowed this CA as `always trusted`, there is still a fair chance he'll notice that the brand of CA on his bank's site has suddenly changed... which may also raise the alarm.
"Unusual CA"? I'm not sure what a *usual* CA is.
Just for fun, I opened up the CA list that came with my copy of Firefox. There are no fewer than 40 different entities listed, many of whom have more than one certificate. I personally know less than half of them to be trustworthy -- and that's assuming that, say, Thawte, Thawte Consulting, and Thawte Consulting cc are all the same company and I can count that as three different ones. I had no idea that that the U.S. Postal Service had a CA that was trusted by my browser -- and I dare say that many non-Americans wouldn't trust it at all, on the assumption that it would do whatever the U.S. government told it to do. (For such people: the relationship between the USPS and the government is complex. Let it suffice to say that they moved from .gov to .com, and they had quasi-valid reasons for doing so.) Baltimore is listed; last I heard, they were out of business. Is a private root key (or the equivalent signing device) an asset that can be acquired under bankruptcy proceedings? Almost certainly. The following text appears in the December 2004 Shareholder Circular I found at www.baltimore.com:
The Company sold the last of its remaining operating
businesses in 2003, and has not engaged in operating
activities since that time. Since taking office in July
2004, the Company's new Board of Directors has been working
to resolve all significant legacy issues, to identify a
means of utilising the Company's remaining non-cash assets,
toreduce costs so as to maximise the cash available for
future deployment and to review appropriate business
opportunities to enhance shareholder value. Paragraph 5 of
Part II of this document describes, among other things,
the current position relating to the utilisation of the
Company's non-cash assets.Apart from the question of whether or not EvilHackerDudes.Org, a sub rosa
corporation, purchased that key, the fact that this CA is out of business
is certainly good cause for a bank to change its CA. Would you like
to be the supervisor of customer service when people start calling
about this problem their browser is complaining about? Remember that
99.99% of people have no idea what a certificate is, what a CA is, or
how to judge whether or not a given CA exercises due diligence when
issuing a cert.
One member of this mailing list, in a private exchange, noted that he had asked his bank for their certificate's fingerprint. My response was that I was astonished he found someone who knew what he was talking about.
I'm not saying your toolbar is a bad idea; in fact, I think it's a good one. But the problem of verifying certificates is a very deep one, and simple answers will not solve the phishing or MITM problem.
-- News and views on what matters in finance+crypto: http://financialcryptography.com/
_______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
