Re: ACTION-240 :TLS errors...

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Mon, 09 Jul 2007 23:07:52 +0100
Message-ID: <4692B1B8.3070009@cs.tcd.ie>
To: Serge Egelman <egelman@cs.cmu.edu>
CC: Johnathan Nightingale <johnath@mozilla.com>, W3C WSC Public <public-wsc-wg@w3.org>


While I think we all believe that the presentation of security
indicators has been done badly over the last decade, I do not
believe that one can therefore say that the security analysis
that underlies current implementations is wrong.

I also don't find a scattergun set of arguments to the effect
that "PKI is not perfect, let's throw up our hands" are at all

In particular -

- "No information available" is IMO overwhelmingly more likely
   than finding a CRL or getting any OCSP response, and ignoring
   this is not an option for anyone who cares about revocation
- Beginning an argument with a "what about $20 certs" but
   following up with "let's ignore the $$" seems to me like a
   bad way to argue - your argument is either about low assurance
   or it isn't
- Saying that anything at all "require(s) little vetting by a CA"
   shows a misunderstanding of PKI, where CAs are not required
   to do anything, but instead declare via CP/CPS what it is that
   they claim to do (exceptions to this are connected to legally
   significant signatures, which are very rare and probably out
   of scope of this WG and certainly unrelated to TLS); while you
   may disagree with aspects of how PKI is defined/operated it is
   not ok to ignore those definitions/operational aspects

Basically, I think you need to make a *much* better constructed
argument, that needs to be demonstrably well-informed about the
details of PKI, if you are going to be convincing in terms of
the presentation of revoked certs or SSCs.

Received on Monday, 9 July 2007 22:06:11 UTC
