There are also the really cool hash-based revocation ideas that actually do help even against active attackers on the same network. I really wish those ideas got more serious attention.
-Tim > -----Original Message----- > From: dev-security-policy [mailto:dev-security-policy- > bounces+tim.hollebeek=digicert....@lists.mozilla.org] On Behalf Of Tim > Shirley via dev-security-policy > Sent: Wednesday, December 13, 2017 2:47 PM > To: Gervase Markham <g...@mozilla.org>; mozilla-dev-security- > pol...@lists.mozilla.org > Subject: Re: On the value of EV > > As I understand it, Adam’s argument there was that to get value out of a > revoked certificate, you need to be between the user and the web server so > you can direct the traffic to your web server, so you’re already in position > to > also block revocation checks. I don’t think that maps here because a lot of > the > scenarios EV assists with don’t involve an attacker being in that position. > > I know the question has been raised before as to why most phishing sites use > DV. Some argue it’s because OV/EV are harder for people with bad intent to > obtain. Some argue it’s because DV is more ubiquitous across the web and > thus more ubiquitous on phishing sites. But regardless of which (or neither) > is > true, the very fact that EV certs are rarely (never?) used on phishing sites > is in > and of itself providing protection today to those of us who pay attention to > it. > I’d argue that alone means the seat belt isn’t worthless, and we should focus > on building better seat belts rather than cutting them out and relying on the > air bag alone. > > > > On 12/13/17, 3:46 PM, "Gervase Markham via dev-security-policy" <dev- > security-pol...@lists.mozilla.org> wrote: > > On 13/12/17 11:58, Tim Shirley wrote: > > So many of the arguments made here, such as this one, as well as the > recent demonstrations that helped start this thread, focus on edge cases. And > while those are certainly valuable to consider, they obscure the fact that > “Green Bar” adds value in the mainstream use cases. If we were talking about > how to improve EV, then by all means focus on the edge cases. The thing I > don’t see in all this is a compelling argument to take away something that’s > useful most of the time. > > My concern with this argument is that it's susceptible to the criticism > that Adam Langley made of revocation checking: > https://clicktime.symantec.com/a/1/oIyM4YfpaH03Is- > zFRH8AJzVNaqfkUt09K3WEgNPHOw=?d=uXDB34hHU71idZadw5ip3nRlsyu- > Farb4fe8P50v8eGeFFyo2uKWwJ4Owcn1ya1sP6zsnOxx541A3GOFiGV3Cf5xeA > C4qommBEsD51KyHnN1oECe8T_yt8LZ6ZCjx8lUkHA5M71KtHURAAzZWV7FY > W2u82WBSW6GLHWpUZAjFGUha5- > UmlfcwC2w_ObguO5luns9CJP7vlg2dgz6CGb- > qAUfdN84H9LFGImuQWG9kuOWmMJcPEtw37KtxFYHCUMUhYVoEv863RTwkj > agPy1iVmYeDYR3xVul3nPvwyGqiZxJFxeziNE- > gCzFthw99KCm3R75bz2c8DaSqvfSupR5AeE0exbXmWyQsLe7rCIHgOOKttvpaa > uSMp0gMzX- > AKZKGFpnyyt0VDxm9VA1jGMekaZ0QJfVj_l_rAFBGuauBVoWFBg_LOH5tQ%3D > %3D&u=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D4062%26d% > 3DkJGx2vx-xMRho_TXqyD3e8mI4fM_V- > yKUKn2tKZHNQ%26s%3D5%26u%3Dhttps%3A%2F%2Fwww.imperialviolet.or > g%2F2012%2F02%2F05%2Fcrlsets.html > > "So [EV identity is] like a seat-belt that snaps when you crash. Even > though it works 99% of the time, it's worthless because it only works > when you don't need it." > > Gerv > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > > https://clicktime.symantec.com/a/1/x_xKxQuisdeMQ99vEcSB8fYv9i3RYV6ppz > _my_vxbgs=?d=uXDB34hHU71idZadw5ip3nRlsyu- > Farb4fe8P50v8eGeFFyo2uKWwJ4Owcn1ya1sP6zsnOxx541A3GOFiGV3Cf5xeA > C4qommBEsD51KyHnN1oECe8T_yt8LZ6ZCjx8lUkHA5M71KtHURAAzZWV7FY > W2u82WBSW6GLHWpUZAjFGUha5- > UmlfcwC2w_ObguO5luns9CJP7vlg2dgz6CGb- > qAUfdN84H9LFGImuQWG9kuOWmMJcPEtw37KtxFYHCUMUhYVoEv863RTwkj > agPy1iVmYeDYR3xVul3nPvwyGqiZxJFxeziNE- > gCzFthw99KCm3R75bz2c8DaSqvfSupR5AeE0exbXmWyQsLe7rCIHgOOKttvpaa > uSMp0gMzX- > AKZKGFpnyyt0VDxm9VA1jGMekaZ0QJfVj_l_rAFBGuauBVoWFBg_LOH5tQ%3D > %3D&u=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D4062%26d% > 3DkJGx2vx-xMRho_TXqyD3e8mI4fM_V- > yKUK2gu_0caA%26s%3D5%26u%3Dhttps%3A%2F%2Flists.mozilla.org%2Flisti > nfo%2Fdev-security-policy > > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://clicktime.symantec.com/a/1/kC1oRrCZP6m7Z3MS1qjK8ooXeqYR94Ar > rjso4ZlYIqk=?d=uXDB34hHU71idZadw5ip3nRlsyu- > Farb4fe8P50v8eGeFFyo2uKWwJ4Owcn1ya1sP6zsnOxx541A3GOFiGV3Cf5xeA > C4qommBEsD51KyHnN1oECe8T_yt8LZ6ZCjx8lUkHA5M71KtHURAAzZWV7FY > W2u82WBSW6GLHWpUZAjFGUha5- > UmlfcwC2w_ObguO5luns9CJP7vlg2dgz6CGb- > qAUfdN84H9LFGImuQWG9kuOWmMJcPEtw37KtxFYHCUMUhYVoEv863RTwkj > agPy1iVmYeDYR3xVul3nPvwyGqiZxJFxeziNE- > gCzFthw99KCm3R75bz2c8DaSqvfSupR5AeE0exbXmWyQsLe7rCIHgOOKttvpaa > uSMp0gMzX- > AKZKGFpnyyt0VDxm9VA1jGMekaZ0QJfVj_l_rAFBGuauBVoWFBg_LOH5tQ%3D > %3D&u=https%3A%2F%2Flists.mozilla.org%2Flistinfo%2Fdev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
