[159245] in North American Network Operators' Group
Re: Gmail and SSL
daemon@ATHENA.MIT.EDU (William Herrin)
Wed Jan 2 14:37:02 2013
In-Reply-To: <CAL9jLaYpSXzh5a8XuWa6SB7q_ScBMsZFg0M_YkJWSsjoQ4nXBQ@mail.gmail.com>
From: William Herrin <bill@herrin.us>
Date: Wed, 2 Jan 2013 14:36:30 -0500
To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: John Levine <johnl@iecc.com>, nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Jan 2, 2013 at 1:39 PM, Christopher Morrow
<morrowc.lists@gmail.com> wrote:
> goodness-scale (goodness to the left)
> signed > self-signed > unsigned
Hi Chris,
Self-signed and unsigned are identical. The "goodness" scale is:
Encrypted & Verified (signed) > Encrypted Unsigned (or self-signed,
same difference) > Unencrypted but physically protected > Unprotected
> I don't think there's much disagreement about that... the sticky
> wicket though is 'how much better is 'signed' vs 'self-signed' ? and I
> think the feeling is that:
I don't see how "feeling" plays into it.
Communications using an unverified public key are trivially vulnerable
to a man-in-the-middle attack where the connection is decrypted,
captured in its unencrypted form and then undetectably re-encrypted
with a different key. Communications using a key signed by a trusted
third party suffer such attacks only with extraordinary difficulty on
the part of the attacker. It's purely a technical matter.
The information you're trying to protect is either sensitive enough
that this risk is unacceptable or it isn't. That's purely a question
for the information owner. No one else's opinion matters for squat.
Regards,
Bill Herrin
--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
