On Sun, Jan 6, 2013 at 1:15 PM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:
> Ben Laurie <b...@links.org> writes:
>
>>On Sat, Jan 5, 2013 at 1:26 PM, Peter Gutmann <pgut...@cs.auckland.ac.nz>
>>wrote:
>>> In the light of yet another in an apparently never-ending string of CA
>>> failures, how long are browser vendors going to keep perpetuating this PKI
>>> farce? [0]. Not only is there no recorded instance, anytime, anywhere, of a
>>> browser certificate warning actually protecting users from harm [1],
>>
>>This is patently incorrect: Diginotar were caught by a browser warning.
>
> Well, we think that at least one user was. We definitely know that 300,000
> others weren't. That's hardly a triumph of browser PKI.
>
> Let's look at the figures in more detail. There are around a billion users of
> the Internet. Let's say that they go to two SSL-enabled sites a day, probably
> a lower bound but it's just a back-of-the-envelope thing. That's two billion
> uses of browser PKI a day, let's call it roughly a trillion a year. SSL has
> been around in significant volume for, say, about 15 years, so that's 15
> trillion uses. The number of people who reported being warned about the
> Diginotar cert was, say, a dozen or so, and of that we don't know how many
> ignored the warning and clicked through anyway, as they've been conditioned to
> do.
My understanding is you can't click through a pinning warning.

> There are figures from an earlier invalid-cert case in which exactly one
> user out of 300 was turned back by the warning, but let's be generous and say
> it was two users who were turned away. So out of 15 trillion uses of browser
> PKI, two worked to protect users. In other words it has an effectiveness rate
> of one in seven trillion.

a) I don't believe your figures, and b) You are not counting all the people who were protected by the early detection of Diginotar.

> That pretty much makes browser PKI the homeopathy of security.
>
>>Certificate Transparency is a real security measure that is a response by a
>>browser vendor.
>
> So the response to the repeated failure of browser PKI is PKI-me-harder.
> Yeah, that's really going to make users safer.

I suspect you don't understand CT - perhaps you'd care to explain why it is PKI-me-harder?

In any case, it's time you updated your out-of-date rant - or, even better, explained your solution to the problem.

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography