Ian Grigg wrote:
Also, given the nature of self-signed certificates, it is pretty clear that the user gives up any benefit of revocation by CAs. What on earth is offensive about that? A self-signed cert user doesn't want anything to do with a CA, including revocation. There is simply no drama here.
What that means is that applications such as Mozilla should treat self-signed certs differently from certs issued by trusted CAs. And they do currently, by bringing you a big warning. I think it should remain.
Perhaps wording can be added, to explain that if the user accepts the cert, there is no way it will ever get revoked. But I believe that's too complicated for most people to understand. Under most circumstances, the cert simply shouldn't be trusted period, especially by people who have no understanding of certs. Having an "advanced" mode for the browser where it's possible to change trust, and a normal mode where it's not, for unsophisticated users, would be a good compromise.
The logical conclusion of this is that self-signed certs, if they are ever to be used, should only be used by sophisticated users, who have means to validate the certs outside of PKI, in a manual way (!).
Having an application automatically generate self-signed certs to widen PKI use for the masses, as you have suggested, would be a very bad disservice to the value of certs, because the masses could never understand the risks associated with using and trusting any of those self-signed certs. They just don't read the security warnings, they blindly click through.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
