A healthy dose of paranoia is not a bad thing in a security type. If someone came out of the gate with your statement I'd normally not respond (even if I had plenty of time to do so). Since you seem generally open to reason I'll assume you haven't totally thought this through. My thoughts inline...
See that's been my whole issue with this, no one has responded, basically there is a potential to invade privacy, and I doubt that it would be done for online bank sites who they could easily compel for the information anyway. The NSA and other government agencies (US and otherwise), not to mention some ISPs have been involved in court cases where it was ruled in their favour, while I doubt anything has happened yet, it is simply one vector of attack that could be exploited.
Perhaps I should have used a more subtle variation.
ISP xyz, has access to intercept their clients email, so this would blow most authority of domain requests. Next they install it on a proxy so they can capture their clients web traffic, client doesn't suspect or realise anything is different, end result the ISP captures all credit card information, or maybe it's secure mail, or any number of other things people use SSL for.
I'll admit we are also vulnerable to this type of attack as well, on the other hand we're building up a web of trust with the intent of not issuing these types of certs in the long term either.
This may be true, I'm not sure that it is. I suppose that a court order is generally compelling so this doesn't sound impossible. On the other hand if there is an easier way to do it that is presumably a greater concern. How hard would be be to get a CA with an easier authentication process to issue a cert for any domain name that you wish that would be trusted by Firefox, IE, and Opera? In any case I think you would go along with any legitimate request made by a legitimate government authority; I would.
As above I was pointing out worst case, simply because I have not been blessed with a response from anyone about this.
There is some truth / value here but there's a usability issue too - hopefully a balance can be found. Perhaps for a user who participates in high value or high sensitivty transactions this is worth doing; for someone spending $27 online, the intrusion anytime the site renews it's certificate or changes CA providers or website hosters (if they use that route) this is probably overkill and will result in further training the user to say OK to anything that pops up.
I was chatting, and one thought on this was to potentially get round this by having a mini CRL that a client could download from the previous CA stating they have moved kind of like a 302 redirect. Obviously there is an issue with getting previous CAs to implement this as it wouldn't always be in their best interests. This would only ever need to be checked by each client once.
The right approach here in my opinion is to understand that not every user has the same level of savvy nor the same level of needs. When installing a browser, OS, or any other app a brief interview of the user might be a very nice approach. In the case of a web browser the two obvious questions are:
Again I realise this, but we should all be forced to bury our head in the sand and hope everything is just peachy 100% of the time. As SSL builds up in popularity, the risk here both by governments around the world and even just at a commercial, or single person corruption level will continue to escalate.
Again this isn't most likely to effect credit or financial requests, although that is definitely motive, such as the AOL employee that was caught selling email addresses, everything is valuable to someone.
And again Mozilla needs to work out who it's user base is and cater for them, because it's going backwards and forwards on joe nobody, and their developers and presently there is no way to use one mode or the other easily and it's going to bite someone somewhere eventually.
Ok here is where I think you haven't really thought it through. As you are probably aware VeriSign is scrutinized rather carefully. If CACert issues a bad cert - no offense - no one will notice - perhaps this will change in time. If VeriSign changes the root level domain-name-system zone files for a website that is used it will be noticed and it will be talked about broadly; even the smallest change gets noticed and discussed (lurk on NANOG the north american network operator group email list - the smallest squeak in anything VeriSign does shows up initially as a doomsday warning in that very broadly distributed list).
Again, worst case, it's possible, but unlikely to happen.
Another easier attack would be to sneak evil-ware onto your machine - most people are using relatively vulnerable operating systems and relatively vulnerable client software - most of which do not require signing nor revocation checking. I can't remember the last time I saw a month go by without learning of an available attack vector. I think this is the target space that is being worked most aggresively today - I'll use SP2 as an example of that, it broke functionality but it made Windows users much better off. I'm hoping we'll see another improvement with IE7 but I'm not going to bet on it until I see it :)
In any case if the users computer is infect a root cert in theory could be installed as well, so an end point compromised you're pretty much screwed, they don't even go to the trouble of installing certs, they just key log instead.
--
Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers
"I do not try to dance better than anyone else.
I only try to dance better than myself."
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
