[139034] in North American Network Operators' Group
RE: The state-level attack on the SSL CA security model
daemon@ATHENA.MIT.EDU (Akyol, Bora A)
Fri Mar 25 12:31:24 2011
From: "Akyol, Bora A" <bora@pnl.gov>
To: Dorn Hetzel <dorn@hetzel.org>
Date: Fri, 25 Mar 2011 09:30:48 -0700
In-Reply-To: <AANLkTinY1gUoEDetw+YAafCKSK8VJhcLyEpU+6JVgzRT@mail.gmail.com>
Cc: nanog group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Thanks
The other point I wanted to make is that not every solution is going to wor=
k for
every person. If we can improve the current state of things and make life b=
etter
for say another 50% of users, that's better than what we have now.
For example in Firefox 4, I could write an extension (if possible) that int=
ercepts the
certificate acceptance dialog and instead does a web query to see how many =
of
my friends and also their friends accepted the same cert and at least allo=
w me
to decide with more information than I am presented now. And you could argu=
e
that this should also apply to certs signed by CAs that are in the trust st=
ore of the
web browser too.
Just thinking out loud here.
---------------------------------------------------------------------------=
--------------------
From: Dorn Hetzel [mailto:dorn@hetzel.org]=20
Sent: Friday, March 25, 2011 9:24 AM
To: Akyol, Bora A
Cc: Valdis.Kletnieks@vt.edu; nanog group
Subject: Re: The state-level attack on the SSL CA security model
Not entirely unreasonable. =A0A button for "friend" and then one for "trust=
ed friend" :)
On Fri, Mar 25, 2011 at 12:19 PM, Akyol, Bora A <bora@pnl.gov> wrote:
One could argue that you could try something like the facebook model (or fa=
cebook itself). I can see it coming.
Facebook web of trust app ;-)
-----Original Message-----
From: Valdis.Kletnieks@vt.edu [mailto:Valdis.Kletnieks@vt.edu]
Sent: Friday, March 25, 2011 9:05 AM
To: Akyol, Bora A
Cc: Dobbins, Roland; nanog group
Subject: Re: The state-level attack on the SSL CA security model
On Fri, 25 Mar 2011 08:36:12 PDT, "Akyol, Bora A" said:
> Is it far fetched to supplement the existing system with a reputation
> based =A0model such as PGP? I apologize if this was discussed before.
That would be great, if you could ensure the following:
1) That Joe Sixpack actually knows enough somebodies who are trustable to s=
ign stuff. (If Joe doesn't know them, then it's not a web of trust, it's ju=
st the same old CA).
2) That Joe Sixpack doesn't blindly sign stuff himself (I've had to on occa=
sion scrape unknown signatures off my PGP key on the keyservers, when peopl=
e I've never heard of before have signed my key "just because somebody they=
recognized signed it").
The PGP model doesn't work for users who are used to clicking everything th=
ey see, whether or not they really should...
