When encryption is also authentication...

Jason Holt jason at lunkwill.org
Thu May 30 09:22:35 PDT 2002



Ian Grigg wrote:
[...]
>> SSL for commerce is readily in place without batting an eyelid these days.
>
> Costs are still way too high.  This won't change until
> browsers are shipped that treat self-signed certs as being
> valid.  Unfortunately, browser manufacturers believe in
> cert-ware for a variety of non-security reasons.
[...]

Self-signed certs defeat the purpose of the certificate chain mechanism, which
is not just there to make Veri$ign rich.  Mallory can self-sign a cert for
bob.com, and hack Alice's DNS to point bob.com at her own site.  But it's
(theoretically, anyway) much more difficult for her to convince Verisign that
she owns bob.com.  If we trust Verisign to do that, then we know we're really
talking to Bob when we visit bob.com.

Now, the ability to add other CAs which we trust would be a nice feature, and
if there were more trustworthy CAs which were added to the browsers by
default, we could get the costs down closer to the actual overhead of
verifying that the supplicant (er, applicant) actually owns the domain he's
trying to get a cert for.  But anyone can certify themselves as owning
amazon.com, and it's critical that my browser tell me when some stranger makes
such an assertion on their own.

					-J
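
Added example, not part of the original message: a shell demonstration of the chain check discussed above, assuming the openssl CLI is installed and using a constructed name (bob.example) and a constructed "Demo Root CA". Both certificates claim the same subject; only the one signed by the CA in the trust store verifies.

```bash
#!/usr/bin/env bash
# Constructed demo: bob.example, "Demo Root CA" and all file names are made up.
# Assumes the openssl CLI is installed; all files go into a fresh temp directory.

setup_pki() {
    dir=$(mktemp -d) && cd "$dir" || return 1
    cat > demo.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Demo Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
    # The one CA in the relying party's trust store.
    openssl req -x509 -newkey rsa:2048 -nodes -config demo.cnf \
        -keyout ca.key -out ca.pem -days 1 2>/dev/null || return 1
    # Bob: the CA signs his request for bob.example.
    openssl req -new -newkey rsa:2048 -nodes -config demo.cnf \
        -subj "/CN=bob.example" -keyout bob.key -out bob.csr 2>/dev/null || return 1
    openssl x509 -req -in bob.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
        -out bob.pem -days 1 2>/dev/null || return 1
    # A stranger: self-signed certificate asserting the same name.
    openssl req -x509 -newkey rsa:2048 -nodes -config demo.cnf \
        -subj "/CN=bob.example" -keyout self.key -out self.pem -days 1 2>/dev/null || return 1
}

# Succeeds only if the certificate chains to the trusted CA.
chains_to_ca() { openssl verify -CAfile ca.pem "$1" >/dev/null 2>&1; }

# The name the certificate claims for itself.
subject_of() { openssl x509 -in "$1" -noout -subject -nameopt RFC2253; }

setup_pki || { echo "openssl setup failed" >&2; exit 1; }
for cert in bob.pem self.pem; do
    if chains_to_ca "$cert"; then verdict="accepted: chains to trusted CA"
    else verdict="rejected: no chain to a trusted CA"; fi
    echo "$cert  $(subject_of "$cert")  $verdict"
done
```

The subject line alone cannot tell the two certificates apart, which is why the relying party has to check the issuer chain and warn when it is missing.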




