Re: Client Certificate UI for Chrome?
[Moderator's note: top posting considered harmful: http://www.mail-archive.com/cryptography@metzdowd.com/msg09287.html --Perry] Just to complicate things a little... we're working with a number of groups now who are using onlineCAs that issue short-lived x509 certs derived from a primary authN mechanism like passwords or OTP. It would be great to bake that functionality into chrome: use TLS-SRP/ PSK to authN to an onlineCA to obtain your short-lived cert in real- time. -Frank. On Aug 6, 2009, at 5:49 AM, Peter Gutmann wrote: Ben Laurie b...@google.com writes: So, I've heard many complaints over the years about how the UI for client certificates sucks. Now's your chance to fix that problem - we're in the process of thinking about new client cert UI for Chrome, and welcome any input you might have. Obviously fully-baked proposals are more likely to get attention than vague suggestions. This is predicated on the assumption that it's possible to make certificates usable for general users. All the empirical evidence we have to date seems to point to this not being the case. Wouldn't it be better to say What can we do to replace certificates with something that works?, for example TLS-SRP or TLS-PSK? Peter. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com --- Frank Siebenlist - fra...@mcs.anl.gov The Globus Alliance | Argonne National Laboratory | University of Chicago - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: TLS-SRP TLS-PSK support in browsers (Re: Dutch Transport Card Broken)
Peter Gutmann wrote: Frank Siebenlist [EMAIL PROTECTED] writes: That's actually a sad observation. I keep telling my colleagues that this technology is coming any day now to a browser near you - didn't realize that that there was no interest with the browser companies to add support for this... I know of a number of organisations (mostly governmental, but also some financial) in various countries who are really, really keen to get support for (as James Donald pointed out) cryptographically secured relationships (not requiring PKI would be a big feature) into browsers, but no-one knows who to beat over the head about it. The last group I talked to (banks) were hoping to use commercial pressure to get MS to add support for it in IE7^H^H8 at which point Firefox would be forced to follow, but it's a slow process. With the big browser war still going strong, wouldn't that provide fantastic marketing opportunities for Firefox? If Firefox would support these secure password protocols, and the banks would openly recommend their customers to use Firefox because its safer and protects them better from phishing, that would be great publicity for Firefox, draw more users, and force M$ to support it too in the long run... Why do the browser companies not care? What is the adoption issue? Still the dark cloud of patents looming over it? Not enough understanding about the benefits? (marketing) Economic reasons that we wouldn't buy anymore server certs? I think it's a combination of two factors: 1. Everyone knows that passwords are insecure, so it's not worth trying to do anything with them. (My counter-argument to this is that passwords are only insecure because protocol designers have chosen to make them insecure, see my previous post about the quaint 1970s-vintage hand-over-the-password model used by SSH and SSL/TLS). ...these protocol would even make the use of one-time-passwords more secure (no MITM exposure - phishing), and make them securely usable without any server-certs... 2. If you add failsafe authentication to browsers, CAs become redundant. (My counter-argument to this is to ask whether browser security exists in order to provide a business model for CAs or to protect users. Currently it seems to be the former, with EV certs being a prime example). I was afraid that this cynical argument would play a role... so the server-cert racketeering scheme has just been made more profitable through more expensive but equally trustworthy EV-certs, which makes it more difficult to introduce alternatives that don't fit into this business model... On the other hand, I'm sure that the marketeers will be able to sell server-certs together with those secure passwords protocols to the naive customers as it will be very difficult to explain why you do/don't need the certs and why it would more/less secure... -Frank. -- Frank Siebenlist [EMAIL PROTECTED] The Globus Alliance - Argonne National Laboratory - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
TLS-SRP TLS-PSK support in browsers (Re: Dutch Transport Card Broken)
Peter Gutmann wrote: Perry E. Metzger [EMAIL PROTECTED] writes: SSL involves digital certificates. Not really, James Donald/George W. Bush. It involves public keys, and it provides a channel by which X.509 certificates can be exchanged, Actually it doesn't even require X.509 certs. TLS-SRP and TLS-PSK provide mutual authentication of client and server without any use of X.509. The only problem has been getting vendors to support it, several smaller implementations support it, it's in the (still unreleased) OpenSSL 0.99, and the browser vendors don't seem to be interested at all, which is a pity because the mutual auth (the server has to prove possession of the shared secret before the client can connect) would significantly raise the bar for phishing attacks. (Anyone have any clout with Firefox or MS? Without significant browser support it's hard to get any traction, but the browser vendors are too busy chasing phantoms like EV certs). That's actually a sad observation. I keep telling my colleagues that this technology is coming any day now to a browser near you - didn't realize that that there was no interest with the browser companies to add support for this... Why do the browser companies not care? What is the adoption issue? Still the dark cloud of patents looming over it? Not enough understanding about the benefits? (marketing) Economic reasons that we wouldn't buy anymore server certs? -Frank. -- Frank Siebenlist [EMAIL PROTECTED] The Globus Alliance - Argonne National Laboratory smime.p7s Description: S/MIME Cryptographic Signature
Re: New article on root certificate problems with Windows
(I don't have access to windoze... cannot verify if my suggestion would work...) Can't you replace the installed root certs with empty files or bogus content such that they will fail path validation and still trick MS not to re-install them? -Frank. Jeffrey Altman wrote: [EMAIL PROTECTED] wrote: The executive summary, so I've got something to reply to: In the default configuration for Windows XP with Service Pack 2 (SP2), if a user removes one of the trusted root certificates, and the certifier who issued that root certificate is trusted by Microsoft, Windows will silently add the root certificate back into the user's store and use the original trust settings. While I don't agree with this behaviour, I can see why Microsoft would do this, and I can't see them changing it at any time in the future. It's the same reason why they ignore key usage restrictions and allow (for example) an encryption-only key to be used for signatures, and a thousand other breaches of PKI etiquette: There'd be too many user complaints if they didn't. The real flaw that I see in their design is that they permit certificates that they installed to be removed. Instead they should have provided a disabled feature so that those who wish to disable installed certs can do so and thereby ensure that in the future they won't be restored. Jeffrey Altman -- Frank Siebenlist [EMAIL PROTECTED] The Globus Alliance - Argonne National Laboratory - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Cash, Credit -- or Prints?
-digit ID codes with fingerprint scanning to virtually eliminate false readings. Makers of fingerprint readers acknowledge the privacy concerns. But they maintain that the threat of personal invasion is minimized because most systems don't store the actual print, but instead use it to generate a unique series of numbers that can't be reverse-engineered to re-create the print. And public willingness to submit to fingerprint readers has soared since the 2001 terrorist attacks, as the need for security overcomes worries about unwarranted intrusion. While the market for fingerprint readers is small, it is growing fast. International Biometric Group, a New York market-research firm, predicts that sales will rise 86% to $368 million this year from $198 million last year. AuthenTec Inc., of Melbourne, Fla., which makes the fingerprint-reading chips used in the LG cellphone, expects to ship more than three million of them this year, triple the level of 2003. Their price has fallen below $6 apiece, and Scott Moody, AuthenTec's chief executive, sees that dropping below $4 next year. Ubiquitous use of fingerprints could eliminate a huge consumer headache: remembering passwords for various Web sites. With American Power's fingerprint reader, users register all of their passwords online, along with the associated Web sites. Then they never have to type in a password again. Our parents didn't deal with the problem of remembering 20 passwords, and our grandkids won't even know what they are, says IBM's Mr. McKeon. Potentially, fingerprint readers also could replace credit and debit cards. Pay by Touch Co., a closely held San Francisco company that is working with IBM, installs fingerprint readers in retail stores where customers can register their fingers by touching the pad five times. Then they can register supermarket loyalty cards and several credit card-numbers. They even can use the fingerprint reader to withdraw money from a checking account at the cash register. Another use: A consumer could register a driver's license and his or her age with the system, so clerks won't have to examine identification cards for purchases of beer or cigarettes. The next time the customer checks out, he or she just touches the pad, enters his or her phone number and selects from the list of payment options. Pay by Touch, which charges retailers 5 to 10 cents per transaction, claims the system reduces checkout time by 30%. One early user of Pay by Touch are a handful of Piggly Wiggly supermarkets. After installing the system in four stores in July, a good, strong percentage of our transactions are done by touch already, says David Schools, senior vice president of Piggly Wiggly Carolina Inc., based in Charleston. He declined to be more specific. The chain hopes that customers will register checking accounts and make electronic withdrawals via fingerprint ID to pay for purchases, which would save the grocer steep credit-card or debit-card fees. IBM says that convenience stores are experimenting with fingerprints as an alternative to radio-frequency identification cards like Exxon Mobil Corp.'s Speedpass, to deal with the sweaty jogger problem -- cashless runners coming in for coffee or Gatorade. The problem with RFID cards is that anyone can use one that is lost or stolen. Not so with fingerprints. Jeff Baughan, vice president of information technology at Catholic Health Systems in Buffalo, N.Y., says he anticipates some day installing wireless readers on the carts used by nursers that would read patients' fingers, to double-check that the right patient gets the right medicine. Currently, the health-care system is installing Ultra-Scan Corp. devices that read fingers to register incoming patients and make sure that different people aren't using the same insurance card. Fingerprint-scanner authorization also is being used by business owners as a replacement for lock combinations on safes. Traditionally, two people are given the same combination, and if there's a loss, how can you figure out who took it? says Edward McGunn, president of Corporate Safe Specialists Inc., of Posen, Ill. He predicts that within two years, 80% of his sales will be fingerprint safes, partly because it's much simpler to train an unskilled manager to open one. This is the most exciting time to be in the safe business in my lifetime, says Mr. McGunn, a third-generation safe maker. -- Frank Siebenlist [EMAIL PROTECTED] The Globus Alliance - Argonne National Laboratory - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]