Gervase Markham wrote:
Ian G wrote:
The point I am making is that users understand
branding. Their understanding of branding gives
them information that they can use. You're right
to point out that that will use this branding info
in different ways.
In this case, they can use the information to understand
the risks. We're not asking anyone to "choose a CA".
Instead, we're asking the users to a) choose to avoid
CAs and merchants where the CAs have a bad rep,
I am highly sceptical that we can ever raise a user's CA branding
awareness and security awareness to a point where they will choose not
to shop with their preferred retailer when they otherwise would,
merely because of the CA that retailer has chosen.
We are not asking them to choose not to shop
with their preferred retailer. We are simply
making them aware of the risks when they do
so. It's a different thing.
Earlier, you pointed out the branding success of Intel.
Yes. Branding works. It works for ordinary
people; it works for non-technical users.
Intel has had correctness scares in the past over bugs in Pentiums,
and privacy scares over things like chip ID; however, no-one goes into
an Internet cafe and demands an AMD computer because an Intel chip
might get calculations wrong on their machine and corrupt their email,
or might send copies of it to Intel.
Right. We aren't asking them to "change CA."
We are asking them to be aware that when
they shop at their favourite shop, that the
choice includes a component of risk towards
the CA, as well as towards the retailer.
Right now, they are unaware of that risk, and
they can't understand why the phishing occurs.
Part of the deal with addressing phishing is
getting the real security information to them;
such that users can assess whether a phishing
attempt is underway.
As a short term phase, it is important to move
secure form filling across to SSL, so that the
users know and work with this. That means
making it much more obvious ...
As a next term phase, we have to be ready
for when phishers attack HTTPS. They will
do this easily by simply buying a Shmoo-like cert.
The system will hide the switch.
To get users to appreciate the switch from one
good cert to either another dodgy one, or none,
we need to get them looking at the CA. And if
the same CA issues the dodgy cert, well, then,
they are on the hook for both ends.
and also to notice when a CA changes. If a CA changes,
that's a signal that they may be being spoofed.
It's also a signal that the merchant concerned has heard of problems
with their original CA and switched.
Therefore, a "good thing" (merchants switching CAs), as defined by
this strategy, has almost exactly the same UI effect as a "bad thing"
(spoofing). This is deeply concerning.
Right, it is up to the merchant to manage that
process, and the user to be aware of better
branding. There will be a tendency to get a
decently branded cert, and to stick with the
same supplier.
A switch from bad cert to good cert is similar
in general appearance to good --> bad. This
means we have a good signal, and a bad signal.
That's in exchange for no signal. The system
isn't perfect, no system is. It's just what we can
do with the system we've got.
Fundamentally, when we had no market share, we had no leverage. When
we have some, we'll have some. So how about this for an idea to kick
around:
- CA Foo issues a bunch of duff certs to phishers
- People lose money
- The MF decides, pragmatically, that CA Foo has sold too many certs
to yank their root cert, due to user inconvenience.
- The MF instead declares that CA Foo's root cert will be yanked in
6 months, unless they clean up their act, and that sites should not
rely on CA Foo's certs working in 15% of browsers 12 months from now.
- The resultant storm of publicity and uncertainty and doubt causes
CA Foo registrations to drop, and CA Foo to clean up their act, and
beg us to issue a joint press release to that effect.
It might work...
Sure, something like that.
Note that this plan doesn't require any end user action, or CA names
in chrome.
Sure. It also gets MF sued because they shipped a
browser that users can trust in, and it hid the true
risks from them. By hiding the true risks, and by
allowing a 12 month window in which CA Foo and
its dodgy mates rip off thousands of customers, the
degree of harm is somewhat unlimited.
Neither of those are tractable. It isn't possible for
MF to respond to CA Foo fast enough to limit
damages - because users don't patch. And, it isn't
possible to avoid the liability implied by "if the padlock
is set, you are safe."
This is why the original security model had the CA
on the chrome. That got dropped because there was
no threat, and nobody thought it worthwhile. Now
there's a threat, and now people are losing money.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
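As an added example, not part of the thread above: a small trust-on-first-use monitor for the issuing CA, the mechanism implied by the "notice when a CA changes" idea. It assumes certificates in the dict shape Python's `ssl` `getpeercert()` returns; the host and issuer names below are constructed samples.

```python
"""Issuer-change monitor: trust-on-first-use for the CA behind a site.

Added example, not code from the mailing-list thread. It works on the
dict shape that Python's ssl.SSLSocket.getpeercert() returns (issuer is
a tuple of RDNs, each a tuple of (name, value) pairs); the samples at
the bottom mimic that shape with invented values."""
from typing import Dict, Tuple

UNCHANGED, FIRST_SEEN, ISSUER_CHANGED = "unchanged", "first-seen", "issuer-changed"


def issuer_name(cert: dict) -> str:
    """Flatten getpeercert()'s issuer tuple-of-RDNs into one canonical string."""
    rdns = cert.get("issuer", ())
    parts = [f"{k}={v}" for rdn in rdns for (k, v) in rdn]
    return ", ".join(sorted(parts))


class IssuerMonitor:
    """Remembers which CA issued each host's cert and flags when that changes."""

    def __init__(self) -> None:
        self.seen: Dict[str, str] = {}

    def check(self, host: str, cert: dict) -> Tuple[str, str, str]:
        """Return (signal, previous_issuer, current_issuer) for one observation."""
        now = issuer_name(cert)
        before = self.seen.get(host)
        if before is None:
            self.seen[host] = now          # first contact: pin this issuer
            return FIRST_SEEN, "", now
        if before != now:
            self.seen[host] = now          # record it; the caller decides what to trust
            return ISSUER_CHANGED, before, now
        return UNCHANGED, before, now


# Constructed samples in getpeercert() shape (host and CA names are invented).
CERT_CA_A = {"subject": ((("commonName", "shop.example"),),),
             "issuer": ((("countryName", "US"),), (("organizationName", "Example CA A"),))}
CERT_CA_B = {"subject": ((("commonName", "shop.example"),),),
             "issuer": ((("countryName", "US"),), (("organizationName", "Example CA B"),))}


def demo() -> list:
    """Three visits to the same host: pin, unchanged, then a different issuer."""
    m = IssuerMonitor()
    return [m.check("shop.example", CERT_CA_A)[0],
            m.check("shop.example", CERT_CA_A)[0],
            m.check("shop.example", CERT_CA_B)[0]]


if __name__ == "__main__":
    print(demo())
```

The monitor cannot tell a spoof from a merchant that legitimately switched CAs, which is exactly the ambiguity raised in the thread; it only surfaces the change so that a policy or a person can decide.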