Marsh Ray ma...@extendedsubset.com writes:
The CAs can each fail on you independently. Each one is a potential weakest
link in the chain that the Relying Party's security hangs from. So their
reliability statistics multiply:
one CA: 0.99 = 99% reliability
two CAs: 0.99*0.99 = 98%
On Fri, Sep 16, 2011 at 4:58 AM, Ben Laurie b...@links.org wrote:
On Fri, Sep 16, 2011 at 8:57 AM, Peter Gutmann
pgut...@cs.auckland.ac.nz wrote:
Marsh Ray ma...@extendedsubset.com writes:
The CAs can each fail on you independently. Each one is a potential weakest
link in the chain that the
In the various renditions of non-stop computing, a common
theme is to do the same calculation more than once and
compare the results, X'ing out the disagreements but keeping
moving forward.
This is a technique that goes back at least 200 years in the construction of
mathematical tables; see,
On 17/09/11 2:33 AM, Ben Laurie wrote:
A sufficiently low upper bound is convincing enough :-)
This is all the example seeks to show: There is a low upper bound.
We really don't care whether it is 1% or 30%, or +/- 2% or finger in the
air... as long as it is too low to be credible.
We
On Thu, Sep 15, 2011 at 6:40 AM, Kevin W. Wall kevin.w.w...@gmail.com wrote:
[Note to moderator: May be slightly OT. Unfortunately, Gmail web interface
won't allow me to alter the Subject: to mention it there.]
[Note to gmail user: yes it will, Edit Subject right under the To box.
On Wed, Sep 14, 2011 at 7:34 PM, Arshad Noor arshad.n...@strongauth.com wrote:
However, an RP must assess this risk before trusting a self-signed
Root CA's certificate. If you believe there is uncertainty, then
don't trust the Root CA. Delete their certificate from your browser
and other
On 15/09/2011, at 15:40, Kevin W. Wall kevin.w.w...@gmail.com wrote:
Trust is not binary.
Right. Or, in modelling terms, trust isn't absolute.
AES might be 99.99% reliable, which is approximately 100% for any million
or so events [1].
Trust in a CA might be more like 99%.
Now, if we
On 16/09/2011, at 1:22, Andy Steingruebl a...@steingruebl.com wrote:
On Wed, Sep 14, 2011 at 7:34 PM, Arshad Noor arshad.n...@strongauth.com
wrote:
However, an RP must assess this risk before trusting a self-signed
Root CA's certificate. If you believe there is uncertainty, then
don't
On 09/15/2011 12:15 PM, Ian G wrote:
Trust in a CA might be more like 99%.
Now, if we have a 1% untrustworthy rating for a CA, what happens when
we have 100 CAs?
Well, untrust is additive (at least). We require to trust all the
CAs. So we have a 100% untrustworthy rating for any system of 100
On Thu, Sep 15, 2011 at 7:16 PM, Marsh Ray ma...@extendedsubset.com wrote:
Zooko said something the other day that has really stuck with me. I
can't get it out of my head, I hope he will give us a post to explain it
further:
https://twitter.com/zooko/status/108347877872500737
I find the word
Marsh Ray said this:
-+--
|
| Is this user's reliance dependency transitive? - Yes, obviously.
|
I agree with that. Can I ask if you agree with this?
The source of risk is dependence, perhaps especially
dependence on expectations of system state.
Thinking aloud,
I find the word trust confuses more than it
communicates. Try Mark S. Miller's relies on instead!
This reminds me... As many here will know, the DoD (Orange book, etc.) uses (or
at least used to use) the word trust explicitly in this latter sense. Any
component that handled multi-level data
Hi,
Yes, with the second operation offline and validating against the NSS
root store. I don't have a MS one at the moment, it would be interesting
(how do you extract that from Win? The EFF guys should know)
You might look at https://www.eff.org/files/ssl-observatory-code-r1.tar_.bz2
in
Hi,
Well, yes, but it is the Alexa Top 1 million list that is scanned. I can
give you a few numbers for the Top 1K or so, too, but it does remain a
relative popularity.
How many of those sites ever advertise an HTTPS end-point though?
Maybe users are extremely unlikely to ever see a link,
On Sep 13, 2011, at 7:14 PM, Ralph Holz wrote:
Hi,
HTTPS Everywhere makes users encounter this situation more than they
otherwise might.
A week or three ago, I got cert warnings - from gmail's page. (Yes, I'm
using HTTPS Everywhere).
When _that_ happens, please tell Google and EFF.
Arshad Noor writes:
I'm not sure I understand why it would be helpful to know all (or any)
intermediate CA ahead of time. If you trust the self-signed Root CA,
then, by definition, you've decided to trust everything that CA (and
subordinate CA) issues, with the exception of revoked
*not* nitpicking...
...as Peter Biddle points out, trust isn't transitive.
as an engineer, I feel compelled to add that security is not
composable, either (joining two secure systems does not necessarily
result in a secure composite)
*not* nitpicking.
--dan
On 09/14/2011 09:34 PM, Arshad Noor wrote:
On 9/14/2011 2:52 PM, Seth David Schoen wrote:
Arshad Noor writes:
I'm not sure I understand why it would be helpful to know all (or any)
intermediate CA ahead of time. If you trust the self-signed Root CA,
then, by definition, you've decided to
--
On 2011-09-11 4:09 PM, Jon Callas wrote:
The bottom line is that there are places that continuity
works well -- phone calls are actually a good one. There
are places it doesn't. The SSL problem that Lucky has
talked about so well is a place where it doesn't. Amazon
can't use
On Mon, Sep 12, 2011 at 5:48 PM, James A. Donald jam...@echeque.com wrote:
--
On 2011-09-11 4:09 PM, Jon Callas wrote:
The bottom line is that there are places that continuity
works well -- phone calls are actually a good one. There
are places it doesn't. The SSL problem that Lucky has
On 13/09/2011, at 23:57, Jeffrey Walton noloa...@gmail.com wrote:
On Mon, Sep 12, 2011 at 5:48 PM, James A. Donald jam...@echeque.com wrote:
--
On 2011-09-11 4:09 PM, Jon Callas wrote:
The bottom line is that there are places that continuity
works well -- phone calls are actually a good
On Sep 12, 2011, at 5:48:00 PM, James A. Donald wrote:
--
On 2011-09-11 4:09 PM, Jon Callas wrote:
The bottom line is that there are places that continuity
works well -- phone calls are actually a good one. There
are places it doesn't. The SSL problem that Lucky has
talked about so
On Tue, Sep 13, 2011 at 10:48 AM, Steven Bellovin s...@cs.columbia.edu wrote:
Furthermore,
they're probably right; most of the certificate errors I've
seen over the years were from ordinary carelessness or errors,
rather than an attack; clicking OK is *precisely* the right
thing to do.
Is
Andy Steingruebl writes:
They used to be quite common, but other than 1 or 2 sites I visit
regularly that I know have self-signed certs, I *never* run into cert
warnings anymore. BTW, I'm excluding mixed content warnings from
this for the moment because they are a different but related issue.
On Sep 13, 2011, at 2:22:28 PM, Andy Steingruebl wrote:
On Tue, Sep 13, 2011 at 10:48 AM, Steven Bellovin s...@cs.columbia.edu
wrote:
Furthermore,
they're probably right; most of the certificate errors I've
seen over the years were from ordinary carelessness or errors,
rather than an
On Sep 13, 2011, at 11:57 AM, Steven Bellovin wrote:
From personal experience -- I use https to read news.google.com; Firefox 6
on a Mac complains about wildcard certificates. And ietf.org's certificate
expired recently; it took a day or so to get a new one installed.
This last bit might be
On 09/13/2011 01:31 PM, Seth David Schoen wrote:
An example from yesterday was
https://www.senate.gov/
which had a valid cert a while ago and then recently stopped. (Their
HTTPS support was reported to us as working on June 29; according to
Perspectives, the most recent change apparently
On Sep 13, 2011, at 3:00:32 PM, Paul Hoffman wrote:
On Sep 13, 2011, at 11:57 AM, Steven Bellovin wrote:
From personal experience -- I use https to read news.google.com; Firefox 6
on a Mac complains about wildcard certificates. And ietf.org's certificate
expired recently; it took a day or
Hi,
Is anyone aware of any up-to-date data on this btw? I've had
discussions with the browser makers and they have some data, but I
wonder whether anyone else has any data at scale of how often users
really do run into cert warnings these days. They used to be quite
common, but other than 1
From: Seth David Schoen sch...@eff.org
To: Crypto discussion list cryptography@randombit.net
Sent: Tuesday, September 13, 2011 2:31:59 PM
Subject: Re: [cryptography] Let's go back to the beginning on this
HTTPS Everywhere makes users encounter this situation more than they
otherwise might
Randall Webmail writes:
From: Seth David Schoen sch...@eff.org
To: Crypto discussion list cryptography@randombit.net
Sent: Tuesday, September 13, 2011 2:31:59 PM
Subject: Re: [cryptography] Let's go back to the beginning on this
HTTPS Everywhere makes users encounter this situation more
Hi,
Interesting. Are you pulling the server-certs out of the SSL
handshake and then checking if they validate against any browser
store?
Yes, with the second operation offline and validating against the NSS
root store. I don't have a MS one at the moment, it would be interesting
(how do you
Hi,
HTTPS Everywhere makes users encounter this situation more than they
otherwise might.
A week or three ago, I got cert warnings - from gmail's page. (Yes, I'm
using HTTPS Everywhere).
When _that_ happens, please tell Google and EFF. I'm sure both
organizations would be fascinated.
On Tue, Sep 13, 2011 at 4:09 PM, Ralph Holz h...@net.in.tum.de wrote:
Well, yes, but it is the Alexa Top 1 million list that is scanned. I can
give you a few numbers for the Top 1K or so, too, but it does remain a
relative popularity.
How many of those sites ever advertise an HTTPS end-point
From: Ralph Holz h...@net.in.tum.de
To: Crypto discussion list cryptography@randombit.net
Sent: Tuesday, September 13, 2011 7:14:39 PM
Subject: Re: [cryptography] Let's go back to the beginning on this
Hi,
HTTPS Everywhere makes users encounter this situation more than they
otherwise might
Ralph Holz writes:
Yes, with the second operation offline and validating against the NSS
root store. I don't have a MS one at the moment, it would be interesting
(how do you extract that from Win? The EFF guys should know)
You might look at
On 9/13/2011 4:44 PM, Seth David Schoen wrote:
On the other hand, a similar phenomenon occurs in other
browsers with regard to intermediate CAs, because there's no way to
get a list of intermediate CAs before they are encountered in the wild,
and definitely no way to get an exhaustive list of
On 2011-09-14 4:31 AM, Seth David Schoen wrote:
https://www.senate.gov/
which had a valid cert a while ago and then recently stopped.
A system that gives false negatives is worthless. It has to be
sufficiently reliable that it makes sense to deny access.
Of course, a system where one has
On Sun, Sep 11, 2011 at 7:09 AM, Jon Callas j...@callas.org wrote:
PGP is of course the most notorious consensus system. There's a lot of good
things about it. It's very resilient in the face of unreliable authorities
(think Nasrudin). A number of proposals on how to fix the SSL problem adopt
In summary, Jon Callas wrote, about the challenges of ascertaining
identities:
The who who make you an authority are the community,
and they do it because you act like one.
This is just one of three models of identity assessment, prior to any
technological component:
one's reputation in
On Sun, Sep 11, 2011 at 1:09 AM, Jon Callas j...@callas.org wrote:
We're all in the middle of a maze trying to get back. It's easier to
understand things if you start at the beginning and walk your way forward.
(It's often even easier to start at the end and walk backwards, too, but I
don't
Jon, I think there was a great deal of wisdom in your post. I'd add only one
thing: a pointer to the definition of dialog box at
http://www.w3.org/2006/WSC/wiki/Glossary .
___
cryptography mailing list
cryptography@randombit.net