I just finished presenting on a survey of improvements to Browsers, TLS and PKI that have happened in the past couple years. It probably won't have anything entirely new to the members of this list, but it might have some small nuggets of info you didn't know about. The outline is below. Something I think is valuable is a collection of properties to remember when evaluating proposals. Copy/Pasted without context:
- Bootstrapping Trust is Hard - Security Policy is dictated by the site - Security Policy Anomalies can be reported - Security Policy can be learned & guessed at - Extra Network Trips are bad - Clocks Matter - Ability to change the trusted parties is desirable - Network Perspectives only tells you what others see - Users Don’t Change Defaults - Privacy Matters - Browsers, Server Operators, CAs – who does the work? - Public doesn’t mean correct… it just means public - Going back to basics is useful So we can look at say, Convergence and say "Well, it solves the bootstrapping problem by hardcoding notary keys in the notary bundle, it doesn't give any mechanism for sites to dictate their security policy, nor can anomalies be reported. It uses an extra network request sometimes (but not usually because of caching), doesn't require a clock, and can change the trusted notaries easily. We have a problem with notary uptime and reliability (default hard-coded notaries), and the work is offloaded from sites and CAs. We have notaries that can authenticate on anything, not just public-status - and revocation is handled transparently in most cases." I'm still traveling, so I won't have the best response time, but I'd like to fix any errors in it if you care to point them out to me with your pet project or proposal. -tom Blog: http://ritter.vg/blog-blackhateu_tls.html Whitepaper: http://ritter.vg/p/2012-TLS-Survey.pdf Outline: Introduction Browser Security - Content Security Policy - Caja - Javascript Cryptography - Strict Transport Security - Public Key Pinning - Bootstrapping Trust DNSSEC - DNSSEC-Verified Fingerprints - DNSSEC Trust Chain TLS - TLS Protocol Improvements -- TLS 1.1 -- TLS 1.2 -- TLS Deployment -- TLS Ciphersuites\label{TLS-Ciphersuites -- False Start -- Next Protocol Negotiation - Identity Management in TLS -- Channel Binding -- Origin Bound Certificates -- Using Binding Today -- Secure Remote Password -- Other Identity Management Proposals - More TLS Improvements -- Encrypted Client Certificates -- Datagram TLS -- Minor TLS Additions Public Key Infrastructure - Revocation -- Certificate Revocation Lists -- Online Certificate Status Protocol -- OCSP Stapling -- Revocation Proposals - Certification Authority Authorization - Extensions for Server Operators - Security Policy Learning - CA/Browser Forum - Network Perspectives Based Trust Decisions -- Perspectives -- Convergence -- CrossBear & MECAI - Public Accountability Based Trust Decisions -- Sovereign Keys -- CA Transparency and Auditability - Simple \& Unusual Approaches -- Certificate Patrol -- Certificate Authority Penalties -- MonkeySphere -- YURLs - Concepts of Certificate Authority Enhancements and Replacements _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
