[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ca-certificates: no more cacert.org certificates?!?

On Wed, Apr 2, 2014 at 4:22 AM, Bas Wijnen wrote:

> It's not at all equivalent.  When using (good) encryption, the only
> thing left to worry about is man in the middle attacks.  Even when
> someone is actively performing a man in the middle attack on you, your
> data is _still_ more secure than a plain text connection, because while
> the person doing the attack can read your data, the rest of the world
> still can't.  Of course the person doing the attack is probably more of
> a problem than the rest of the world, but he could read your data if it
> was unencrypted as well.
>
> An unencrypted connection is readable to everyone; an encrypted
> connection is readable to those in a position to alter your packets.
> And when they use it, it is detectable (which doesn't imply it is
> detected, but it probably would be if an organization like the NSA would
> start doing it on a really large scale).

Encrypted and unencrypted connections are equivalent because anyone
who is on your network path (or can manipulate DNS or BGP) can MITM
the connection. The MITM could be active or passive in either case,
encryption pushes more attacks to the active side but either is still
feasible. The NSA just does things like log all ciphertext for years
and then break endpoint security. Forward secrecy hasn't been in focus
until the recent NSA revelations really.

> There are three problems to solve: first, you need to know that you're
> talking to the right person.  Second, you need to make sure only that
> person can read your packets, and third, you need to know that that
> person is not evil.  CAs try (but fail) to solve the first point only.
> They are however treated by many people as if they solve all three.

Fourth, you need to know that the person will never subject to an
authority that could be evil at any point in time.

> Hmm, I would hope for a ca-certificates-cacert package then.  If I have
> to, I want to explain people that they need to install this; I don't
> want to explain them how to enable certificates.  Encryption is one of
> those things which should work by default, and any extra required step
> to make it possible is a bad thing.

I mentioned this point on IRC during the discussion.

> I've also asked Mozilla to give plain HTTP connections at least as much
> warnings as self-signed certificates (which would probably mean no
> warnings for either of them), but I don't think they'll listen.

I think they are constrained by the browser market; if they add
annoying popups and other browser vendors don't then they will
probably lose market share. This is the fundamental problem with web
security; the wider user population wants things to 'work', anything
that gets in the way tends

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
Reply to: