[liberationtech] verifying SSL certs (was Re: In defense of client-side encryption (Guido Witmond))

Ben Laurie ben at links.org
Wed Aug 14 06:18:43 PDT 2013


On 14 August 2013 08:54, Guido Witmond <guido at witmond.nl> wrote:

> On 08/13/13 19:42, Andy Isaacson wrote:
> > On Mon, Aug 12, 2013 at 11:10:39AM +0200, Guido Witmond wrote:
> >> There is another problem. You rely on HTTPS. Here is the 64000
> >> dollar question:
> >>
> >> Q._"What is the CA-certificate for your banks' website?"_
> >>
> >> I ask that question to anyone who claims to be security conscious.
> >> No one has given me positive answer so far. Not even a wrong
> >> answer. Only that people don't know.
> >>
> >> So I take it for granted that people won't verify anything, ever.
> >
> > FWIW, I did run my browser in "trust on first use" (TOFU) mode -- I
> > deleted all the CA certs and manually added exceptions for each
> > site, as I encountered the certificate warnings -- for several years.
> > I've given up on that for modern websites because
> >
>
> To be honest, I wouldn't win my quiz either. Could use the money, though
> :-)
>
> I deleted the certificate and relied on CMU's Perspectives to tell me
> what certificate they've seen for each name.
>
> It worked quite well for most sites. But big ones, like Google use a
> different certificate for each endpoint. And Perspectives registers the
> server-certificates it detects when it connects to the servers, not the
> CA that signed it.
>
> At one point in time, my bank made it easy to win the quiz. They wrote
> the name of the CA on their home page. But they removed it as it offers
> no benefit against scammers (who would write their CA in that place) and
> probably confused a lot of customers.
>
> Perhaps some got even scared about that and found it less safe than
> without it.
>
> I too have given up on expecting security from the global CAs. That's
> why I want to see DNSSEC succeed.
>

DNSSEC merely transfers the problem to registries and registrars, who are
no more reliable than CAs. You need to solve the problem of having to trust
third parties before DNSSEC will work (which is the same problem you need
to solve for CAs). And, sorry to bang on about it, but the answer is
Certificate Transparency. BTW, my team is about to start looking at DNSSEC
Transparency, too.


>
> With DNSSEC, the bank specifies their CA certificate and my browser can
> validate it. To give an error when that doesn't match.
>
>
> Guido.
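The check Guido describes above, a browser validating the server's chain against the CA certificate the bank publishes in DNS, is what the DANE TLSA record (RFC 6698) encodes: a usage field saying whether the pinned object is a CA or the end-entity certificate, a selector (full certificate or SubjectPublicKeyInfo), a matching type (exact, SHA-256, SHA-512) and the association data. Below is an added example of that matching logic, written for this page and not code from any of the posts. The certificates are constructed byte strings standing in for DER encodings, the names and chains are made up, and the PKIX validation step that usages 0 and 1 also require is a caller-supplied flag rather than a real path build. The same code also shows the Perspectives point about Google in the thread: a pin on one observed leaf certificate fails on an endpoint that serves a different leaf, while a pin on the issuing CA still matches.

```python
"""DANE/TLSA-style certificate matching (simplified RFC 6698 semantics).

Added example for this thread, not code from the original posts. Certificates
are modelled as constructed byte strings standing in for DER encodings; a real
client would take the DER certificate and SubjectPublicKeyInfo from the TLS
handshake. PKIX chain validation (needed for usages 0 and 1) is a boolean
supplied by the caller.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for one X.509 certificate."""
    name: str
    der: bytes    # stand-in for the full DER-encoded certificate
    spki: bytes   # stand-in for the DER-encoded SubjectPublicKeyInfo


@dataclass(frozen=True)
class TLSA:
    usage: int     # 0 PKIX-TA, 1 PKIX-EE, 2 DANE-TA, 3 DANE-EE
    selector: int  # 0 full certificate, 1 SubjectPublicKeyInfo
    matching: int  # 0 exact, 1 SHA-256, 2 SHA-512
    data: bytes    # certificate association data


def association_data(cert: Cert, selector: int, matching: int) -> bytes:
    """Derive the bytes a TLSA record carries for this certificate."""
    selected = cert.der if selector == 0 else cert.spki
    if matching == 0:
        return selected
    if matching == 1:
        return hashlib.sha256(selected).digest()
    if matching == 2:
        return hashlib.sha512(selected).digest()
    raise ValueError(f"unknown matching type {matching}")


def make_tlsa(cert: Cert, usage: int, selector: int = 0, matching: int = 1) -> TLSA:
    """Build the record a domain owner would publish for `cert`."""
    return TLSA(usage, selector, matching, association_data(cert, selector, matching))


def tlsa_matches(record: TLSA, chain: List[Cert], pkix_valid: bool) -> bool:
    """True if the presented chain satisfies one TLSA record.

    chain[0] is the end-entity certificate, followed by the issuers the server
    sent. Usages 0/1 additionally require the chain to validate under the
    client's normal trust store; usages 2/3 replace that store entirely.
    """
    if record.usage in (0, 1) and not pkix_valid:
        return False
    if record.usage in (1, 3):
        candidates = chain[:1]   # the end-entity certificate itself
    elif record.usage in (0, 2):
        candidates = chain[1:]   # a CA somewhere in the presented chain
    else:
        return False             # unknown usage: treat as no match
    return any(association_data(c, record.selector, record.matching) == record.data
               for c in candidates)


def check_server(records: List[TLSA], chain: List[Cert], pkix_valid: bool = True) -> Optional[TLSA]:
    """Return the first matching record, or None (the browser's error case)."""
    for r in records:
        if tlsa_matches(r, chain, pkix_valid):
            return r
    return None


# --- constructed sample data (not real certificates) ---------------------
BANK_CA = Cert("Example Bank Root CA", b"DER:bank-ca-cert", b"SPKI:bank-ca-key")
BANK_LEAF = Cert("bank.example", b"DER:bank-leaf-cert", b"SPKI:bank-leaf-key")
BANK_CHAIN = [BANK_LEAF, BANK_CA]

# A chain for the same name issued by a different public CA: must be rejected.
OTHER_CA = Cert("Some Other Public CA", b"DER:other-ca-cert", b"SPKI:other-ca-key")
OTHER_LEAF = Cert("bank.example", b"DER:other-leaf-cert", b"SPKI:other-leaf-key")
OTHER_CHAIN = [OTHER_LEAF, OTHER_CA]

# A large site serving a different leaf certificate on each endpoint.
BIG_CA = Cert("Big Site CA", b"DER:big-ca-cert", b"SPKI:big-ca-key")
BIG_LEAF_A = Cert("www.big.example (endpoint A)", b"DER:big-leaf-a", b"SPKI:big-leaf-a")
BIG_LEAF_B = Cert("www.big.example (endpoint B)", b"DER:big-leaf-b", b"SPKI:big-leaf-b")


def demo_bank() -> dict:
    """The bank publishes its CA (usage 2); only chains under that CA pass."""
    record = make_tlsa(BANK_CA, usage=2)
    return {
        "genuine": check_server([record], BANK_CHAIN) is not None,
        "other_ca": check_server([record], OTHER_CHAIN) is not None,
    }


def demo_multi_endpoint() -> dict:
    """A leaf pin (like a TOFU exception) breaks across endpoints; a CA pin does not."""
    leaf_pin = make_tlsa(BIG_LEAF_A, usage=3)
    ca_pin = make_tlsa(BIG_CA, usage=2, selector=1)   # pin the issuer's public key
    return {
        "leaf_pin_endpoint_a": check_server([leaf_pin], [BIG_LEAF_A, BIG_CA]) is not None,
        "leaf_pin_endpoint_b": check_server([leaf_pin], [BIG_LEAF_B, BIG_CA]) is not None,
        "ca_pin_endpoint_b": check_server([ca_pin], [BIG_LEAF_B, BIG_CA]) is not None,
    }


if __name__ == "__main__":
    print(demo_bank())
    print(demo_multi_endpoint())
```

Usage 2 (DANE-TA) is the shape of the check in the post: the client never consults its bundled CA list, only the CA the domain owner named. Usage 0 (PKIX-TA) keeps the ordinary trust store and adds the DNS constraint on top, which is the weaker but more deployable form; the `pkix_valid` flag in `tlsa_matches` is where that difference lands.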