Netscape as vehicle for cypherpunk agenda/the cypherpunk bully pulpit
I was thinking recently how the events of the past week or so have turned me into a sort of a Netscape advocate. Granted, there are bugs in Netscape, and there probably will be more bugs uncovered (someone needs to write an exploit if they want themself & Ray to get a T-shirt btw), but Netscape is interested in fixing problems and the new 2.0 is doing encrypted email, probably with a really nice interface (Haven't seen it yet, of course) and they are working to make the 128-bit version downloadable. (The 128bit version is available overseas already anyway, I hear.) The really big sticking point I see, however, is the certification authorities. There is a single point of failure here and that is at Verisign. This becomes a large problem I think if the en rypted email that Netscape does requires personal x509 certificates (I read that Versign is issuing those for $9/each.) This is a problem because for one thing I don't think Versign will want to issue certs to psudonyms, and Netscape may not talk encrypted email to non-certified people. (I am not sure) The solution to this, of course, is to allow Navigator to accept alternate certification hierarchies, so we can setup a Cypherpunks cert agency or a c2.org cert agency, which -will- sign nym's keys, etc. The question exists though, as to whether or not Netscape will allow for alternate agencies in Navigator. I haven't seen any mention of this feature in 2.0, so if the feature exists in 2.0, then great! Otherwise, unless Netscape is going to allow for alternte cert agencies on a specific timescale, I think we have to do something about it in order to force the issue. Along the same lines of what happened recently-- because of the exposed hole and the pressure put on Netscape, management was finally willing to let some of the code be available for public review. If something happened to show how relying on a single point of failure such as Verisign was bad and resulted in much press & publicity, then perhaps Netscape management would be convinced to allow for alternate cert hierarchies.. Some sort of hack which demonstrates this would be great. I am feeling uncreative and can't think of anything effective short of stealing Verisign's private key, but that would be pretty damn tough. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 An Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer@c2.org
I agree with Sameer's points here. Netscape carries with it the potential of revitalizing the cypherpunks agenda, but also, in the worst case, making it irrelevant. What happens, I think, depends on what we do. On the plus side, Netscape 2.0 will, without a doubt, be the first usable mail tool to incorporate real encryption. It may accomplish, almost overnight, the long-held goal of making a nontrivial fraction of Internet email secure. Another potentially big win is the Java language. It seems to me that it will be quite plausible to code up real crypto applications in this language. Once coded, these applications will run on every important platform in the universe, and can be accessible by the click of a mouse. Perl-RSA was a sign of what's possible in the non-C world. One caveat is the slowdown from the interpreted code (roughly a factor of 25). The best way to look at this is as a challenge, to use clever coding tricks and intelligent architectures, including caching. The speed of Java implementations will inevitably improve - in fact, I might just be doing my PhD thesis on memory management in Java. One potential downside, as Sameer points out, is the X.509 certification hierarchy. This ancient beast has the potential to defeat many of the cypherpunk aims, most especially the possiblity of anonymous communication. However, that's not a foregone conclusion. The most important thing to be doing right now is to _understand_ what's happening. Over the next couple of weeks, I'll be reading the S/MIME and X.509 documentation, poring over reference code, and (of course) playing with Netscape 2.0 myself. We're much more likely to get our agenda implemented if we are armed with a good understanding. There are lots of ways around X.509 - maybe we can work our way around it, maybe we can adapt it to our needs, maybe we can come up with something better and get it replaced. Whatever the case may be, we should not give up hope. Netscape is one manifestation of the ancient Chinese curse: may we live in interesting times! Raph
sameer wrote:
I haven't seen any mention of this feature in 2.0, so if the feature exists in 2.0, then great! Otherwise, unless Netscape is going to allow for alternte cert agencies on a specific timescale, I think we have to do something about it in order to force the issue.
Netscape has already annonced that for 2.0, the user will be able to accept (trust) (or reject) any set of certificate authorities for signing of certificates. I briefly looked for a copy of that announcement, but I could not find it. PK -- Philip L. Karlton karlton@netscape.com Principal Curmudgeon http://www.netscape.com/people/karlton Netscape Communications Corporation
In article <199509251741.KAA04656@infinity.c2.org>, sameer@c2.org (sameer) writes:
The really big sticking point I see, however, is the certification authorities. There is a single point of failure here and that is at Verisign. This becomes a large problem I think if the en rypted email that Netscape does requires personal x509 certificates (I read that Versign is issuing those for $9/each.) This is a problem because for one thing I don't think Versign will want to issue certs to psudonyms, and Netscape may not talk encrypted email to non-certified people. (I am not sure)
I believe that the identies of free certificates that verisign plans to offer to netscape customers will not be checked in any way other than to ensure that the name is unique for that CA. You will have to ask someone from Verisign to get a certain answer.
The solution to this, of course, is to allow Navigator to accept alternate certification hierarchies, so we can setup a Cypherpunks cert agency or a c2.org cert agency, which -will- sign nym's keys, etc. The question exists though, as to whether or not Netscape will allow for alternate agencies in Navigator.
I have stated here, and in other public forums, several times in the past few months, that Netscape Navigator 2.0 will support user configurable certificate authorities. You will be able to specify that you do or do not trust specific server certificates and certificate authorities. The user will be able to incorporate new CA certificates into their certificate database, and mark them as trusted for signing certs for SSL, email, etc. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.
participants (4)
-
jsw@neon.netscape.com -
karlton -
Raph Levien -
sameer