> >
> > If the Root Cert is not there, or if no root authority is
> > claimed (as in the case of self-certify), the browser asks
> > you if you trust this site - three or four dialog boxes allow
> > you to say 'yes' for now, or 'yes' for any future sessions.
> > ONLY if you say 'yes' for a future session will you add THAT
> > cert into the browser's cache.
> 
> That was more or less my problem: the ONLY safe solution is saying NO
> systematically without even READING the certificate, except if you are able
> to validate by another means the fact that the one that sends you a
> certificate for which you do not have a trusted root certificate is indeed
> the one he pretends to be; however that means that you are doing yourself
> what a root CA is doing :-)
> 
> So browsers should never ask a question if the ONLY safe option is saying
> NO!

Well, not really.  It would be, as an example, a pain in the @#% to
test your own webserver with a "test" certificate (e.g. a self signed
cert) if the browser categorically refused to accept the cert.
Now I do NOT see a problem with configuring out the ability
to do this (e.g. corporate environments). But I'd be royally p.o'ed
if I couldn't make use of my own internal web servers that have my
own certificates installed.

Also, there is value in trusting the certificate, even when it
is self signed - providing you know WHAT to trust.  If you accept
the cert, you know you are entering into communication with
SOMEONE (no guarantee who), and that no one else is sniffing
your communications, because they are encrypted.  Again, that
in itself has value.

Finally, the ability to import a root cert into the browser
through a controlled dialog can be easily enough done,
and securely, providing the sending site secures the
cert itself via an SSL connection that is behind an already
known certificate such as Thawte or Verisign.  That way,
you know the company is legit, and you just need to decide
whether or not to trust them as a CA.  It's that above step,
while easy enough to do, that is solved by getting your
cert into the Netscape and IE distributions, which appear
for all practical purposes to have been locked down at this point.

Thomas

------------------------------------------------------------
Thomas Reinke                            Tel: (905) 331-2260
Director of Technology                   Fax: (905) 331-2504
E-Soft Inc.                         http://www.e-softinc.com
Publishers of SecuritySpace     http://www.securityspace.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
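
Added example, not part of the original message or of OpenSSL: one way to do the "validate by another means" step from this thread for a self-signed test certificate is to compare its SHA-256 fingerprint against a value obtained out of band. The names check_pin and check_server and the sample bytes are assumptions made for this illustration.

```python
import hashlib
import hmac
import ssl

# Constructed placeholder bytes standing in for a DER-encoded certificate.
# Not a real certificate; the fingerprint is just a hash over the DER bytes.
SAMPLE_DER = b"constructed placeholder for a self-signed test certificate"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)


def fingerprint(pem: str) -> str:
    """SHA-256 over the DER encoding, as lowercase hex."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()


def normalize(pin: str) -> str:
    """Accept 'AA:BB:..', 'aa bb ..' or plain hex."""
    return pin.replace(":", "").replace(" ", "").lower()


def check_pin(pem: str, pin) -> str:
    """Return 'match', 'mismatch', or 'no-pin' (nothing to compare against)."""
    if not pin:
        return "no-pin"  # no out-of-band value: the certificate proves nothing about identity
    expected = normalize(pin)
    if len(expected) != 64 or any(c not in "0123456789abcdef" for c in expected):
        raise ValueError("pin is not a SHA-256 fingerprint")
    # Constant-time comparison of the two hex strings.
    return "match" if hmac.compare_digest(fingerprint(pem), expected) else "mismatch"


def check_server(host: str, port: int, pin: str) -> str:
    """Fetch the server's certificate without CA validation and compare it to the pin."""
    pem = ssl.get_server_certificate((host, port))
    return check_pin(pem, pin)


if __name__ == "__main__":
    # The pin would normally be read off the server console or delivered over a trusted channel.
    pin = hashlib.sha256(SAMPLE_DER).hexdigest().upper()
    print(check_pin(SAMPLE_PEM, pin))
```

A "mismatch" or "no-pin" result corresponds to the case where the encrypted channel terminates at SOMEONE whose identity has not been established.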
