On 11/04/2008 02:04 PM, Bernie Sumption:
The problem as I see it is that the same warning UI is shown whenever there is a less than perfect certificate. Let us assume
The concept of SSL certificates isn't based on assumptions! Neither does the cryptographic library assume things, but makes decisions.
How about dropping encryption with certain web sites because the browser assumes it to more or less important to secure?
The important thing is that we recognise that some kind of MITM detection is essential,
There is a very specific MITM detection tool being used widely...and it's not "some kind"...it works, it does the job, many invested into it (from NSS up to the Mozilla Foundation to the CAs). It has very clear rules to follow and detection is 100% guarantied. The very specific rules rule out self-signed certificates. Is that so hard to get?
The browser could send all self-signed or invalid certificates to a trusted MITM detection service, say https://mitm.mozilla.com. A MITM on this site is impossible because it would have a valid certificate.
I know you brought it up somewhere on Bugzilla....go ahead and implement it. Obviously mitm.mozilla.com will be the first target to attack in order to invalidate the service by letting it send out false positives. Up to the point where it would become unreliable.
* Any other ideas?
Yes, how about simple, available x.509 certificates from a big range of CAs fitting every pocket and taste? :-)
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
