- From: Marc Fawzi <marc.fawzi@gmail.com>
- Date: Mon, 23 Feb 2015 06:07:47 -0800
- To: "Eric J. Bowman" <eric@bisonsystems.net>
- Cc: Chris Palmer <palmer@google.com>, Nick Doty <npdoty@w3.org>, David Singer <singer@apple.com>, TAG List <www-tag@w3.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
- Message-ID: <CACioZis7Y8s5yH7oQpoFrwTn2w+wTQqJzYEWQN_=Cvq=4vx4Vw@mail.gmail.com>
http://zitseng.com/archives/7489 *Government-Linked Certificate Authorities in OS X (zitseng.com <http://zitseng.com>)* >From the comments on Hacker News: "No, if they want to hack your SSL comms, they aren't going to do it by using a MITM attack backed by a government-issued root CA, they are going to do it by gaining access to a "neutral" CA (such as Verisign), and obtaining the root certificate's private key. Now you would have a much harder time of figuring out that something has gone wrong, but then, if you're paranoid of the government spying on you, and you are using a CA other than one you own yourself, you've already lost the battle." I agree, no protocol or method can stop a nation state because things ultimately come down to physical security. But it is more reason to put the breaks on the idea that moving the whole web to https is going to make a real difference. I don't think it will. Once the users see https as a selective spying mechanism (open for govs, closed for petty criminals) they really won't trust the web ever again, unless you come up with a new protocol/story and keep evolving it in major ways to stay ahead of the inevitable. Copying the wisdom below (via another developer): *On Derived Values* This, milord, is my family's axe. We have owned it for almost nine hundred years, see. Of course, sometimes it needed a new blade. And sometimes it has required a new handle, new designs on the metalwork, a little refreshing of the ornamentation . . . but is this not the nine hundred-year-old axe of my family? And because it has changed gently over time, it is still a pretty good axe, y'know. Pretty good. -- Terry Pratchett, The Fifth Elephant On Sun, Feb 22, 2015 at 6:33 PM, Eric J. Bowman <eric@bisonsystems.net> wrote: > Eric J. Bowman wrote: > > > > > > > > I encourage you to read more about cryptography and cryptographic > > > network protocols, and to try your hand at subverting HTTP and HTTPS > > > traffic (on your own systems and networks only, of course). I think > > > you'll find that the available security guarantees and > > > non-guarantees of HTTP and of HTTPS are very different from what > > > you have expressed in this thread. > > > > > > > Thanks, but I don't think you've understood what it is I'm trying to > > express. > > > > Particularly, Superfish illustrates that the guarantees and non- > guarantees of HTTP and HTTPS are *exactly* what I tried to express in > this thread. > > Yes, I know. You're above this list now, or at least until March 30, > while you write a book on Web security. Let's just say I'm not pre- > ordering. > > -Eric > >
Received on Monday, 23 February 2015 14:08:57 UTC