On Mon, May 30, 2016 at 09:42:00AM +0100, Gervase Markham wrote:
> On 29/05/16 11:48, Peter Gutmann wrote:
> > Are you really trying to claim that the sad farce that is current browser PKI
> > is absolutely the very best that browser vendors can do in terms of protecting
> > users online?
>
> I'm sure things can always be better. My point was that the current
> system, for all its flaws, prevents a great deal of evil in a way which
> is pretty much totally transparent to users. And that's a big benefit.

IMO it is too much of transparency for my taste, too much is going under the hood which is important and nobody notices. The complexity of the system is too much to think that total transparency can be safe. The current "total transparency" paradigm makes it too easy for webmasters to do bad security and very hard for users to do additional verification.

As an example, for important sites I want the possibility to manually pin the certificates and manually verify them. The CertPatrol addon gives me the theoretical ability to do it, but in practice this is an extreme annoyance as some important sites use so many domains and renew certificates so often that it is impossible to keep track of it.

Richard

--
Name and OpenPGP keys available from pgp key servers