Re: Client Certificate UI for Chrome?

2009-08-11 Thread Frank Siebenlist

[Moderator's note: top posting considered harmful:
 http://www.mail-archive.com/cryptography@metzdowd.com/msg09287.html
   --Perry]

Just to complicate things a little... we're working with a number of  
groups now who are using onlineCAs that issue short-lived x509 certs  
derived from a primary authN mechanism like passwords or OTP.


It would be great to bake that functionality into chrome: use TLS-SRP/ 
PSK to authN to an onlineCA to obtain your short-lived cert in real- 
time.


-Frank.


On Aug 6, 2009, at 5:49 AM, Peter Gutmann wrote:


Ben Laurie b...@google.com writes:


So, I've heard many complaints over the years about how the UI for
client certificates sucks. Now's your chance to fix that problem -
we're in the process of thinking about new client cert UI for Chrome,
and welcome any input you might have. Obviously fully-baked proposals
are more likely to get attention than vague suggestions.


This is predicated on the assumption that it's possible to make  
certificates
usable for general users.  All the empirical evidence we have to  
date seems to
point to this not being the case.  Wouldn't it be better to say  
What can we
do to replace certificates with something that works?, for example  
TLS-SRP

or TLS-PSK?

Peter.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


---
Frank Siebenlist - fra...@mcs.anl.gov
The Globus Alliance | Argonne National Laboratory | University of  
Chicago


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: TLS-SRP TLS-PSK support in browsers (Re: Dutch Transport Card Broken)

2008-02-06 Thread Frank Siebenlist

Peter Gutmann wrote:

Frank Siebenlist [EMAIL PROTECTED] writes:


That's actually a sad observation.

I keep telling my colleagues that this technology is coming any day now to
a browser near you - didn't realize that that there was no interest with the
browser companies to add support for this...


I know of a number of organisations (mostly governmental, but also some
financial) in various countries who are really, really keen to get support for
(as James Donald pointed out) cryptographically secured relationships (not
requiring PKI would be a big feature) into browsers, but no-one knows who to
beat over the head about it.  The last group I talked to (banks) were hoping
to use commercial pressure to get MS to add support for it in IE7^H^H8 at
which point Firefox would be forced to follow, but it's a slow process.



With the big browser war still going strong, wouldn't that provide 
fantastic marketing opportunities for Firefox?


If Firefox would support these secure password protocols, and the banks 
would openly recommend their customers to use Firefox because its safer 
and protects them better from phishing, that would be great publicity 
for Firefox, draw more users, and force M$ to support it too in the long 
run...




Why do the browser companies not care?
What is the adoption issue?
Still the dark cloud of patents looming over it?
Not enough understanding about the benefits? (marketing)
Economic reasons that we wouldn't buy anymore server certs?


I think it's a combination of two factors:

1. Everyone knows that passwords are insecure, so it's not worth trying to do
   anything with them.

   (My counter-argument to this is that passwords are only insecure because
   protocol designers have chosen to make them insecure, see my previous post
   about the quaint 1970s-vintage hand-over-the-password model used by SSH and
   SSL/TLS).



...these protocol would even make the use of one-time-passwords more 
secure (no MITM exposure - phishing), and make them securely usable 
without any server-certs...




2. If you add failsafe authentication to browsers, CAs become redundant.

   (My counter-argument to this is to ask whether browser security exists in
   order to provide a business model for CAs or to protect users.  Currently
   it seems to be the former, with EV certs being a prime example).



I was afraid that this cynical argument would play a role... so the 
server-cert racketeering scheme has just been made more profitable 
through more expensive but equally trustworthy EV-certs, which makes 
it more difficult to introduce alternatives that don't fit into this 
business model...


On the other hand, I'm sure that the marketeers will be able to sell 
server-certs together with those secure passwords protocols to the naive 
customers as it will be very difficult to explain why you do/don't need 
the certs and why it would more/less secure...


-Frank.

--
Frank Siebenlist   [EMAIL PROTECTED]
The Globus Alliance - Argonne National Laboratory

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


TLS-SRP TLS-PSK support in browsers (Re: Dutch Transport Card Broken)

2008-02-01 Thread Frank Siebenlist

Peter Gutmann wrote:

Perry E. Metzger [EMAIL PROTECTED] writes:


SSL involves digital certificates.

Not really, James Donald/George W. Bush. It involves public keys, and it
provides a channel by which X.509 certificates can be exchanged,


Actually it doesn't even require X.509 certs.  TLS-SRP and TLS-PSK provide
mutual authentication of client and server without any use of X.509.  The only
problem has been getting vendors to support it, several smaller
implementations support it, it's in the (still unreleased) OpenSSL 0.99, and
the browser vendors don't seem to be interested at all, which is a pity
because the mutual auth (the server has to prove possession of the shared
secret before the client can connect) would significantly raise the bar for
phishing attacks.

(Anyone have any clout with Firefox or MS?  Without significant browser
support it's hard to get any traction, but the browser vendors are too busy
chasing phantoms like EV certs).


That's actually a sad observation.

I keep telling my colleagues that this technology is coming any day
now to a browser near you - didn't realize that that there was no
interest with the browser companies to add support for this...

Why do the browser companies not care?
What is the adoption issue?
Still the dark cloud of patents looming over it?
Not enough understanding about the benefits? (marketing)
Economic reasons that we wouldn't buy anymore server certs?

-Frank.

--
Frank Siebenlist   [EMAIL PROTECTED]
The Globus Alliance - Argonne National Laboratory


smime.p7s
Description: S/MIME Cryptographic Signature


Re: New article on root certificate problems with Windows

2007-07-21 Thread Frank Siebenlist
(I don't have access to windoze... cannot verify if my suggestion would
work...)

Can't you replace the installed root certs with empty files or bogus
content such that they will fail path validation and still trick MS not
to re-install them?

-Frank.




Jeffrey Altman wrote:
 [EMAIL PROTECTED] wrote:
 The executive summary, so I've got something to reply to:

   In the default configuration for Windows XP with Service Pack 2 (SP2),
 if a
   user removes one of the trusted root certificates, and the certifier who
   issued that root certificate is trusted by Microsoft, Windows will
 silently
   add the root certificate back into the user's store and use the original
   trust settings.

 While I don't agree with this behaviour, I can see why Microsoft would do
 this, and I can't see them changing it at any time in the future.  It's the
 same reason why they ignore key usage restrictions and allow (for
 example) an
 encryption-only key to be used for signatures, and a thousand other
 breaches
 of PKI etiquette: There'd be too many user complaints if they didn't.
 
 The real flaw that I see in their design is that they permit
 certificates that they installed to be removed.  Instead they should
 have provided a disabled feature so that those who wish to disable
 installed certs can do so and thereby ensure that in the future they
 won't be restored.
 
 Jeffrey Altman
 

-- 
Frank Siebenlist   [EMAIL PROTECTED]
The Globus Alliance - Argonne National Laboratory

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Cash, Credit -- or Prints?

2004-10-12 Thread Frank Siebenlist
-digit ID codes with fingerprint scanning to
virtually eliminate false readings.
Makers of fingerprint readers acknowledge the privacy concerns. But they
maintain that the threat of personal invasion is minimized because most
systems don't store the actual print, but instead use it to generate a
unique series of numbers that can't be reverse-engineered to re-create the
print. And public willingness to submit to fingerprint readers has soared
since the 2001 terrorist attacks, as the need for security overcomes
worries about unwarranted intrusion.
While the market for fingerprint readers is small, it is growing fast.
International Biometric Group, a New York market-research firm, predicts
that sales will rise 86% to $368 million this year from $198 million last
year. AuthenTec Inc., of Melbourne, Fla., which makes the
fingerprint-reading chips used in the LG cellphone, expects to ship more
than three million of them this year, triple the level of 2003. Their 
price
has fallen below $6 apiece, and Scott Moody, AuthenTec's chief executive,
sees that dropping below $4 next year.

Ubiquitous use of fingerprints could eliminate a huge consumer headache:
remembering passwords for various Web sites. With American Power's
fingerprint reader, users register all of their passwords online, along
with the associated Web sites. Then they never have to type in a password
again.
Our parents didn't deal with the problem of remembering 20 passwords, and
our grandkids won't even know what they are, says IBM's Mr. McKeon.
Potentially, fingerprint readers also could replace credit and debit 
cards.
Pay by Touch Co., a closely held San Francisco company that is working 
with
IBM, installs fingerprint readers in retail stores where customers can
register their fingers by touching the pad five times. Then they can
register supermarket loyalty cards and several credit card-numbers. They
even can use the fingerprint reader to withdraw money from a checking
account at the cash register.

Another use: A consumer could register a driver's license and his or her
age with the system, so clerks won't have to examine identification cards
for purchases of beer or cigarettes. The next time the customer checks 
out,
he or she just touches the pad, enters his or her phone number and selects
from the list of payment options. Pay by Touch, which charges retailers 5
to 10 cents per transaction, claims the system reduces checkout time 
by 30%.

One early user of Pay by Touch are a handful of Piggly Wiggly 
supermarkets.
After installing the system in four stores in July, a good, strong
percentage of our transactions are done by touch already, says David
Schools, senior vice president of Piggly Wiggly Carolina Inc., based in
Charleston. He declined to be more specific. The chain hopes that 
customers
will register checking accounts and make electronic withdrawals via
fingerprint ID to pay for purchases, which would save the grocer steep
credit-card or debit-card fees.

IBM says that convenience stores are experimenting with fingerprints as an
alternative to radio-frequency identification cards like Exxon Mobil
Corp.'s Speedpass, to deal with the sweaty jogger problem -- cashless
runners coming in for coffee or Gatorade. The problem with RFID cards is
that anyone can use one that is lost or stolen. Not so with fingerprints.
Jeff Baughan, vice president of information technology at Catholic Health
Systems in Buffalo, N.Y., says he anticipates some day installing wireless
readers on the carts used by nursers that would read patients' fingers, to
double-check that the right patient gets the right medicine. 
Currently, the
health-care system is installing Ultra-Scan Corp. devices that read 
fingers
to register incoming patients and make sure that different people aren't
using the same insurance card.

Fingerprint-scanner authorization also is being used by business owners as
a replacement for lock combinations on safes. Traditionally, two people
are given the same combination, and if there's a loss, how can you figure
out who took it? says Edward McGunn, president of Corporate Safe
Specialists Inc., of Posen, Ill. He predicts that within two years, 80% of
his sales will be fingerprint safes, partly because it's much simpler to
train an unskilled manager to open one. This is the most exciting time to
be in the safe business in my lifetime, says Mr. McGunn, a
third-generation safe maker.

--
Frank Siebenlist [EMAIL PROTECTED]
The Globus Alliance - Argonne National Laboratory
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]