[tahoe-dev] SSL samurai attack migration ninjas, film at 11
James A. Donald
jamesd at echeque.com
Sat Oct 29 04:43:44 UTC 2011
On 2011-10-29 4:05 AM, Shawn Willden wrote:
> OT: Does anyone else think it's crazy that web browsers flash huge red
> warning signs when they see a self-signed cert, as though that's a clear
> indication of some sort of attack being attempted, which is almost never the
> case?
>
> It's always seemed to me than an appropriate browser response to a
> self-signed cert is to accept it and use it to establish an encrypted
> session, but not to display the lock icon or anything else that would make
> the user think this page is especially secure. For bonus points, browsers
> could implement ssh-style notification of server key changes.
Well of course, but CA's don't want people providing their own
certificate, even though in practice self signed certificates provide
almost the same level of security as CA certificates, and certificates
with ssh-style notification of server key root changes provide a good
deal more security (ssl providing no security whatever against state
level and similarly powerful adversaries, and limited security against
less powerful adversaries, that is to say, no security whatever against
anyone able to hack any one of a thousand or so CAs)
More information about the tahoe-dev
mailing list