undefined | Better HN

0 pointstptacek6y ago0 comments

Your complaint is about phishing. I agree that phishing is too easy. But that concern is orthogonal to (and significantly harder than, both technically and from a policy perspective) reliably encrypting the TLS transport.

This is one of the older controversies on m.d.s.policy, for whatever it's worth to you.

I don't really care where you or anyone else comes down on this, as long as we all agree that you can't just jettison certificates and let HTTPS "just provide encryption", which is a common HN refrain and is clearly unsound reasoning.

0 comments

5 comments · 1 top-level

ocdtrekkie6y ago· 4 in thread

You could jettison PKI though. Self-signed certificates would provide as much security after the initial connection. The theory of PKI is that the CAs are providing a source of trust in the identity of the certificate holder, but that is mostly meaningless if domains cannot be meaningfully connected to real businesses and/or people.

tptacekOP6y ago

How exactly do you think a self-signed certificate addresses this problem? I connect to BANKOFAMERICA.COM. It presents me a self-signed certificate. How do I know if that's BofA's self-signed certificate, or any active attacker's?

ocdtrekkie6y ago

How do you know bankofamerica.com is owned by the actual Bank of America? Or that someone didn't use a Cyrillic character in that URL so it looks legitimate and even has a CA-signed cert? Or that one of the more questionable CAs hasn't given someone else a cert for bankofamerica.com.

I am not saying issuing self-signed certs are great, merely that CAs do not meaningfully improve on them if domain validation is all we have, because domain validation doesn't tell you a heck of a lot.

As you said in another response, the CA system has problems. EV, at least, represents something useful when issued by a CA and solves a real problem. And the problems with EV Troy complains about are all fixable.

1 more reply

wolf550e6y ago

The self signed cert will need to be rotated from time to time, without being signed by previous cert because e.g. private key was lost or because private key is known to have been compromised. How will your browser, connected to cafe wifi, know that change in self signed cert since last connection is legitimate vs MiTM by wifi AP in cafe?

The CA provides multi perspective check from servers connected to internet backbone, where network hijack is harder than at cafe wifi AP.

ocdtrekkie6y ago

The CA system also provides dozens of organizations all over the world to issue certificates for any domain and to hand them out to pretty much anyone.

If Microsoft included a self-signed cert in my Windows install for itself, I would know my communications with Microsoft came from whoever made my Windows operating system. Meanwhile, with PKI, dozens of companies can technically generate certificates for microsoft.com and we're just all hoping none of them do it without getting caught.

3 more replies

j / k navigate · click thread line to collapse

0 comments

5 comments · 1 top-level

ocdtrekkie6y ago· 4 in thread

tptacekOP6y ago

ocdtrekkie6y ago

1 more reply

wolf550e6y ago

The CA provides multi perspective check from servers connected to internet backbone, where network hijack is harder than at cafe wifi AP.

ocdtrekkie6y ago

The CA system also provides dozens of organizations all over the world to issue certificates for any domain and to hand them out to pretty much anyone.

3 more replies

j / k navigate · click thread line to collapse