I wrote:
History: The model has not always been binary. In Netscape
Navigator 3,
the browser used a key icon that had 3 states:
- broken
- short, with one tooth
- long, with two teeth.
Two teeth meant "good enough for banking", and one tooth meant
"better than nothing, but not good enough for banking".
Frank Hecker replied:
A minor correction, but IMO a pertinent one: one tooth actually meant
"encrypted using a 40-bit symmetric key" and two teeth meant
"encrypted using a 128-bit key". Equating that distinction to "not
good enough for banking" vs. "good enough for banking" was an
after-the-fact interpretation, an interpretation that was to some
extent subjective. And in any case the question of key length was
orthogonal to the question of "high assurance" certs vs. "low
assurance" certs.
Ian G wrote:
[...] that whole 40-bit key thing was nothing to do with banking.
It was all to do with the crypto export restrictions,
Banks told their users "40 bits isn't good enough", and "we won't
let you do online banking with us with a browser that can only do
40 bit crypto". The users didn't know 40-bit crypto from Limburger,
but they got the message that it their browser could only show one
tooth, it wasn't good enough for banking. They wanted browsers
good enough for banking. They understood that good enough for
banking also meant good for security in lots of other areas too.
Being good enough for banking was the driving force of much that
happened in the development of SSL.
40-bit crypto was fine for banking and probably still is,
as we lack any viable threat model for eavesdropping, and
That's not true.
Transparent proxies abound. All the residents of the nation of
china have 100% of their international traffic eavesdropped.
The world's largest ISP still uses transparent proxies for all
non-SSL traffic. Many other ISPs do also.
And there are proxies operating now that do real MITM attacks
against SSL that passes through them. To use these proxies,
you must agree to an end user agreement and download their
software that installs their root CA cert. The end user agreement
prevents the user from taking any action against them for their
snooping. The user even agrees to "hold them harmless" against
any legal action that might come against them as a result of the
user blowing the whistle. Recent reports say there are tens of
thousands of users of it.
--
Nelson B
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
