On Mon, 12 Jun 2000, Richard Levitte - VMS Whacker wrote:
> Oh, what a beautiful mixup I did there between server and client
> certs! Even got myself confused :-). However, the fact still
> remains, there's no trust path of value to me, the value of certer
> certs in themselves is more or less none, except to give the server
> and my browser a chance to start an encrypted session, which is
> probably fine for most people. And from that point of view you're
> absolutely right, the warning about an unknown CA is just an
> annoyance. But hey, it would be possible for someone to get a
> perfectly legal CA cert signed by, Thawte, and then use it to sign a
> cert presumably for, oh say, Amazon, and thereby fool a whole bunch of
> people. And in that case, a *silent* browser is a bit more scary to
> me. Setting up a secure channel is nice enough, but authentication is
> a different matter, and depending on your level of paranoia, quite a
> difficult one at that.
>
> People just don't have that clue yet... Or maybe I'm just overly
> paranoid...
You may be paranoid, but that doesn't mean that people aren't out to get
you :-)
I think the problem is multi-leveled:
1. Most users don't understand what a PKI or a CA is. So, having a pop-up
that comes up with a new CA, sends them into a complete quandary and makes
them feel uneasy.
2. Netscape and MS don't want to make the user feel uneasy, if they don't
have to. So, they provide a "trust list" of CAs and set the browsers so
that everyone "trusts" these CA's without being bothered with questions.
[ In other words: Hide the issues from the user to keep them from feeling
icky ]
3. Of course, at the technical purist level, this is wrong. Every CA
(i.e. every self-signed cert) that you use should be verified by some
out-of-band (non-PKI) method and closely protected locally, so that you
are always assured of using a copy that you have personally verified.
However, this is not easy to do. Frankly, it is a lot of work and in most
cases, impractical.
4. At the practical and everyday level, we can be pretty sure that the
certs delivered with Netscape and IE are OK. If we go to some fairly
well-traversed public site using one of these certs, some red flags will
go up when the you get signature mis-matches... That will tip you off
that your cert list has been compromised. Besides you could say: "What am
I risking? I take a no less a risk when I give my credit card to the
cashier, or when I order that L.L. Bean hunting jacket over the phone.
Don't bother me with your paranoia."
1. and 2. perpetuate each other. By making the browsers as "friendly" as
possibly, Netscape and IE gloss over and hide the real issues behind PKI.
But of course, by hiding the issues the user population will never learn.
Since the user population doesn't understand this stuff, you must continue
to hide it. When those situations that aren't "well-hidden" (requiring a
pop-up) occur, the usually well-hidden issues are exposed, leaving the
user scratching his/her head.
Why hide it? Because the issues are complicated. To do it "right" (as in
3.) is impractical and given the current education of the users in PKI
issues, nearly impossible. So we settle for the situation, like in 4.
But shouldn't we have higher goals than that?
yuji
----
Yuji Shinozaki Computer Systems Senior Engineer
[EMAIL PROTECTED] Advanced Technologies Group
(804)924-7171 Information Technology & Communication
http://www.people.virginia.edu/~ys2n University of Virginia
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
