Ken Hornstein <[EMAIL PROTECTED]> writes:

> I was trying to be nice ... but yes, I agree with you. Perhaps "great"
> is too strong. So far, it seems that there haven't been too many
> problems in the common "I want to be sure I'm actually visiting
> https://www.paypal.com and not someone else" case ... if there was
> someone who was handing out paypal/amazon/ebay certificates and they
> were listed as a trusted CA in web browsers, people would be all over
> them.
I think there haven't been many problems in practice because in practice
people don't use SSL certificates for authentication. They're used to
bootstrap encryption, but most end-users never bother to check anything
about the SSL certificate. The verification procedures are horribly
inadequate for real security, but authentication is mostly done via being
careful about what's in the URL bar and what one clicks on.

I get regular messages from my bank telling me to never click on any link
for them in an e-mail message and to type their URL in by hand from paper
mail and then bookmark it. If SSL certificate checking were effective
authentication, this sort of nonsense wouldn't be necessary, but in
practice there are so many ways around it (browser bugs that change the
URL bar, using domains like www.major-bank.ssl-verified.com, using
disguised URLs in e-mail messages where the link text says you're going
one place and the URL goes somewhere else, disguising URLs using username
or password components to the URL, etc.) that people don't even bother to
attack via getting bogus SSL certificates. Not that that would be
particularly hard either (although as you say, if it affected major sites
there would be a big stink).

> That one time Verisign gave out a Microsoft code-signing certificate to
> some unknown person (I thought it was Verisign, but maybe it wasn't
> ... it was one of the big names though), it was a huge deal. But before
> I trusted a Verisign-signed certificate, I'd want to do some out-of-band
> verification that it belonged to who they said it did ... and in that
> case, the person should just save their money and give me their
> certificate directly to sign. If there was a PKI I felt I could trust,
> I'd feel differently.

Yeah, exactly. There are PKIs that one can trust in particular problem
domains (InCommon appears to be doing a reasonable job with Shibboleth,
for instance), but for general identity management for any random person
or site? Not so much.
And that doesn't even get into the problems of multiple people with the
same name, people who change their names but have credentials tied to
their old names, people with obscure and changing affiliations, people
who lose their credentials, and all the other fun of real-life identity
management.

-- 
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>

_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
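The message above lists three URL disguises that sidestep certificate checking: a brand name buried under an unrelated domain, link text that shows one host while the href goes elsewhere, and a username/password component in front of the real host. As an added example (not part of this thread or of any OpenAFS code), here is a small defender-side checker that flags those three patterns in the links of an HTML e-mail body; the expected-host list, the sample message and the documentation IP addresses in it are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed allow-list of hosts the recipient legitimately deals with (hypothetical names).
EXPECTED_HOSTS = {"www.paypal.com", "www.major-bank.com"}
URL_LIKE = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)
ANCHOR = re.compile(r'<a\s+href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)  # good enough for a demo

def registrable_domain(host):
    """Last two labels of a hostname; a real tool should consult the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

EXPECTED_DOMAINS = {registrable_domain(h) for h in EXPECTED_HOSTS}
BRAND_LABELS = {d.split(".")[0] for d in EXPECTED_DOMAINS}  # "paypal", "major-bank"

def check_link(text, href):
    """Return warning codes for one anchor; an empty list means nothing looked disguised."""
    parts = urlsplit(href)
    host = (parts.hostname or "").lower()
    warnings = []
    # user:pass@host trick: what precedes '@' is userinfo, the real host comes after it
    if parts.username is not None or parts.password is not None:
        warnings.append("userinfo-in-url")
    # link text displays one host while the href goes somewhere else
    shown = text.strip()
    if URL_LIKE.match(shown):
        shown_host = urlsplit(shown if "://" in shown else "//" + shown).hostname or ""
        if shown_host.lower() != host:
            warnings.append("text-host-mismatch")
    # a trusted brand name used as a label under an unrelated registrable domain
    if registrable_domain(host) not in EXPECTED_DOMAINS and any(b in host for b in BRAND_LABELS):
        warnings.append("lookalike-domain")
    return warnings

def scan_html(body):
    """Return [(text, href, warnings)] for every <a> in an HTML message body."""
    return [(t, h, check_link(t, h)) for h, t in ANCHOR.findall(body)]

# Constructed sample message body (documentation IP addresses, not real hosts).
SAMPLE = """<p>Please verify your account:
<a href="https://www.paypal.com/signin">https://www.paypal.com/signin</a>
<a href="http://www.paypal.com@198.51.100.7/login">https://www.paypal.com/login</a>
<a href="https://www.major-bank.ssl-verified.com/">Major Bank online banking</a>
<a href="http://203.0.113.9/x">www.paypal.com</a></p>"""

if __name__ == "__main__":
    for text, href, warnings in scan_html(SAMPLE):
        print(f"{'OK ' if not warnings else 'BAD'} {href!r} shown as {text!r}: {warnings}")
```

The first link is the only one that passes; the others trip exactly the checks the message describes, and the registrable-domain heuristic is deliberately crude so that a production version would swap in the Public Suffix List.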
