Frank Hecker wrote:
(Last one!)
> (So, for example, when a user is presented information about an
> SSL-enabled site with a "control of domain" cert issued by the Foo Class
> 1 CA, Firefox might display something like "The site you connected to
> has the domain name 'www.acmewidgets.com', as verified by the 'Foo Class
> 1 CA' independent service", while for "claimed identity" certs Firefox
> might display something like "The site you connected to has the domain
> name 'www.acmewidgets.com' and is operated by 'Acme Widgets, Inc.', as
> verified by the 'Foo Class 1 CA' independent service.")
The difficulty I see here is that a Cert has to
non-arbitrarily describe whether it is a control-
of-domain cert or whether it is a claimed-identity
cert. I don't see this as an easy thing to do.
Yes, there could be a bit in there. But, the
history of certs seems to indicate that relying
on bits for important statements has been
troublesome.
> Now, would users and others insist on attaching meaning to the UI
> differences, i.e., that seeing the padlock means "safe for
> e-commerce/banking" and seeing the checkmark means "not safe enough"? Of
> course they would; this is inevitable given that (at least some) users
> already have existing expectations, and that CAs and operators of major
> e-commerce and financial sites have an interest in promoting and
> reinforcing those expectations. But we as browser vendors don't have to
> join them in doing this, and arguably it would be better if we didn't.
Right. Any one bit distinction is going to suffer
a need for widespread adoption (yeah, roight...)
and also a way of dealing with cheaters. We don't
have any power over a CA that decides to set the bit
in all certs, and then fob us off with excuses about
how their Nepalese call-centre operation did in fact
look at the png of a driver's licence.
It's for complex reasons like these that I like the
idea of putting the logo of the CA where all the other
stuff is. If the CA logo is one to one with the root
cert that signed, then it's up to the CA to brand his
logo for each root cert. If he wants 2 products, he
teaches his user base to look for the cheap green logo
and the expensive purple logo. If he wants 10 products
he pays more money and gets more 'brand' in which case
there is a natural limit on his use of the system.
And, there is no way a CA can cheat this system, as
if he cheats, it just causes a brand shift in the
user base. "Yeah, those purple ones aren't worth
it any more..."
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/