"Convergence" proposal and Perspective Project "network notary" servers [was: Question: secure third-party attestations about web sites ?]

Mark Watson <watsonm@netflix.com>, 2015-04-29 08:41 -0700:
> Archived-At: <http://www.w3.org/mid/CAEnTvdCyqDqa+sfbm4m0qYY6RK5xLx6Ur2ryoPUu2OcJJvmzDQ@mail.gmail.com>
> 
> All,
> 
> During some of the discussions about HTTPS, the point was raised that HTTPS
> gives you only an assurance about the identity of the site and the privacy
> of your communication with that site. It tells you nothing about the
> security and privacy properties of the site itself.
> 
> It occurred to me that there are many third-party organizations, eTrust or
> any of the anti-virus people for example, that do aim to give users
> information about the security and privacy properties of sites (both
> positive and negative). But there is, as far as I know, no secure mechanism
> for these attestations to be presented to users: case-by-case policing of
> abuse of those logos / marks is the only defense.
> 
> So my question is whether there is any ongoing work, or if it even makes
> sense, for UAs to play a role in secure delivery of such third-party
> attestations to users? (I would expect it to be a long-term project - I'm
> not thinking about quick-fixes here).

If I’m not misunderstanding, isn’t this what the Whisper Systems (Moxie
Marlinspike) “Convergence” proposal and the earlier CMU Perspective Project’s
“network notary” server approach are aiming to help with?

  http://convergence.io/
  http://perspectives-project.org/

The approach those share doesn’t explicitly provide information about the
security and privacy properties of a site but instead focuses on giving
users a better means to make informed trust decisions about sites—and more
direct control over who else they trust to help them make those decisions.

Some excerpts from the Perspective Project’s welcome page at the URL above—

> With Perspectives, public “network notary” servers regularly monitor the
> SSL certificates used by 100,000s+ websites to help your browser detect
> “man-in-the-middle” attacks without relying on certificate authorities.
...
> The root of the problem is that with the CA model, browsers blindly trust
> a group of 600+ corporate and government parties (ref) to validate SSL
> certificates.  You as a web browser user have little or no choice about
> who to trust and essentially no visibility into whether these
> organizations deserve your trust.
...
> A network notary server is connected to the Internet and regularly
> monitors websites to build a history of the SSL certificate used by each
> site.
...
> Rather than validating an SSL certificate by checking for certificate
> authority approval, with Perspectives the browser validates a certificate
> by checking for consistency with the certificates observed by the network
> notaries over time.
...
> Just like a user picks which search engine their browser will use, the
> user can also choose what group(s) of network notaries they will trust.

  —Mike

-- 
Michael[tm] Smith https://people.w3.org/mike

Received on Saturday, 2 May 2015 14:05:09 UTC
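
The consistency check described in the Perspectives excerpts above, as an added sketch that is not part of the original message and not code from the Perspectives or Convergence projects. The quorum fraction, minimum observation period, staleness window, notary names and fingerprints are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

DAY = 86400

@dataclass(frozen=True)
class Observation:
    fingerprint: str  # certificate fingerprint a notary recorded for the site
    first_seen: int   # Unix time the notary first saw it
    last_seen: int    # Unix time the notary most recently saw it

def notary_agrees(history, fingerprint, now, min_days, max_stale=DAY):
    """True if this notary still sees `fingerprint` and has seen it for min_days."""
    return any(
        o.fingerprint == fingerprint
        and now - o.last_seen <= max_stale
        and o.last_seen - o.first_seen >= min_days * DAY
        for o in history
    )

def check_certificate(fingerprint, histories, now, quorum=0.75, min_days=7):
    """Return (trusted, agreeing, total) for the fingerprint the client was served."""
    total = len(histories)
    agreeing = sum(notary_agrees(h, fingerprint, now, min_days) for h in histories.values())
    return (total > 0 and agreeing / total >= quorum), agreeing, total

# Constructed sample data: four hypothetical notaries observing one site.
NOW = 1_430_000_000
GOOD, ROGUE, ROTATED = "sha256:aaaa", "sha256:eeee", "sha256:bbbb"

def seen(fp, start_days_ago, end_days_ago=0):
    return Observation(fp, NOW - start_days_ago * DAY, NOW - end_days_ago * DAY)

# notary-d sits on the same tampered network path as the client.
UNDER_ATTACK = {
    "notary-a": [seen(GOOD, 200)],
    "notary-b": [seen(GOOD, 180)],
    "notary-c": [seen(GOOD, 190)],
    "notary-d": [seen(GOOD, 200, 3), seen(ROGUE, 3)],
}
# The site legitimately replaced its certificate one day ago.
AFTER_ROTATION = {n: [seen(GOOD, 200, 1), seen(ROTATED, 1)] for n in "abcd"}

if __name__ == "__main__":
    print(check_certificate(GOOD, UNDER_ATTACK, NOW))
    print(check_certificate(ROGUE, UNDER_ATTACK, NOW))
    print(check_certificate(ROTATED, AFTER_ROTATION, NOW))
    print(check_certificate(ROTATED, AFTER_ROTATION, NOW, min_days=0))
```

The rotation case shows the trade-off in this model: a minimum observation period rejects a certificate that only one vantage point has seen briefly, but it also flags a legitimate key change until the notaries have watched the new certificate long enough.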