Re: Support for SSL False Start in Firefox
Thanks for the information, Kurt (and indirectly, Eddy). I would like to be accurate on this point and correct the story as necessary, but I need help in ensuring I have the right information and understand what it means, first. Where did you get you numbers exactly? Kurt, I gather your SSL data is from July's Defcon paper (available at https://www.eff.org/observatory). For starts, could you folks explain to me why the 4.3M sites with a valid certificate chain would be the ones to look at (vs. all that offer an SSL handshake). Second, why would Google be wrong in saying it's 0.05 percent of all sites vs. just SSL/TLS-encrypted sites? No, I cannot explain, I'm just repeating what I have heard from a reputable source (EFF/etc.). Well actually I can: Valid cert chain = signed certificate from a trusted root (Verisign/etc.). SSL handshake = some SSL certificate (self signed, internal CA, or external CA like Verisign/etc.). As for: Second, why would Google be wrong in saying it's 0.05 percent of all sites vs. just SSL/TLS-encrypted sites? I cannot speak for Google (heck, I can barely speak for myself!), so I have no idea. I am simply quoting your your %'s. sts -- stephen.shankl...@cbs.com http://news.cnet.com/deep-tech Twitter/Skype: stshank -- Kurt Seifried k...@seifried.org tel: 1-703-879-3176 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Support for SSL False Start in Firefox
Google is currently communicating about how they will use SSL False Start to accelerate the web, even if it means breaking a small fraction of incompatible site (they will use a black list that should mitigate most of the problem). See http://news.cnet.com/8301-30685_3-20018437-264.html Interestingly the folks at CNET made a huge mistake in their calculations since only a fraction of the 227 million web sites are SSL secured. Of that 0.05% appears to be rather tiny, certainly not the 114,000 sites they claimed in the article. From the EFF SSL Observatory (pretty recent data): 10.8M started an SSL handshake 4.3+M used valid cert chains 1.3+M distinctvalid leaves so that's more like 2000 sites that will be broken assuming Google's numbers are legit (of course if those are the top 500 sites it would be rather painful, but a blacklist of 2000 entries is pretty simple to maintain). So he's only off by a factor of 50 or so. Signer: Eddy Nigg, StartCom Ltd. -- Kurt Seifried k...@seifried.org tel: 1-703-879-3176 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Permanently store this exception selected by default
Sorry to reply out of order That way they'll get a warning each time, and more likely to go bug their service provider to keep their certs up to date. Tse Chin Even as a technical user I have a hard time finding out whom to contact at a site and how to convince them to get a properly signed certificate (webmaster@ is usually clueless). If they can't be bothered to google free ssl or keep them up to date chances are they won't fix a self signed certificate or an expired certificate anytime soon. As much as I dislike this interface change I agree with it. -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: The Rational Rejection of Security Advice by Users by Cormac Herley
When I hit reply the mozilla groups bounces my email, so replying off list. m...@mattmccutchen.net wrote: I'm not claiming that the user knows. I only said that if there is in fact no impersonation, then the error is a false positive. If you're going to redefine what a false positive is than this thread is a HUGE waste of time for all concerned. Here's the reality of it: Self signed certificate, one of two things will happen: 1) The browser (not the user, but we're talking about the browser here) does not recognize the signing authority used for this certificate. The browser reports this as an untrusted certificate. This is correct. How is the browser to know this is a legitmate self signed certificate without being told? Which leads us to the second possibility: 2) The user has already told the browser to trust this self signed certificate, or the bworser came with it installed, or someone rolled out the certificate in the users home directory, etc. In this case the browser would recognize and trust the certificate and not hassle the user. 1 is correct behavior and is always a false positive. The browser can't know if there is impersonation or not, it cannot determine intent (for that matter most users can't either). All the browser can say is: a) This certificate is signed by someone I trust or I have been otherwise told to trust this certificate b) I do not recognize this certificate, it is time for you the user to become involved. For you to claim that the browser should be able to determine the intent of a self signed and unknown certificate (i.e. is it legitimate, or a man in the middle) without any external help represents a failing is to show a pretty fundamental lack of understanding as to how this all works. -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: The Rational Rejection of Security Advice by Users by Cormac Herley
Wow, now that is over the top! How incredibly obnoxious. So the view of mozilla.org is that their users are incompetent fools. I wonder why you care about security for these 'idiots'? Not everyone on this list speaks on behalf of Mozilla.org (I certainly don't) and even within Mozilla.org I'm willing to bet there is no official viewpoint on users and that there are dissenting view points in fact. The reality is most security professionals, let alone average users don't know the exact differences between DV/OV/EV certificates. Most of them just want to get task X done (online banking, read the news, etc.), and get on with life. So why do I care about the security of others? Because we share the same Internet. It's basically a public health problem, I don't want people sneezing on me just as I don't want infected machines on the network I am on (it increases administrative over head, I have to devote resources to dealing with attacks/etc.). I am also altruistic/selfish enough to want the Internet and services on it to continue functioning. Email is around 90-95% spam, I'd to see a similar influx of garbage hit other services that won't handle it so well. If this is the attitude of the best browser security, no wonder we have so many problems. The reason we have so many problems is this: Security is hard. Different people have different definitions of Security and what level of Security they want. Striking a balance is not easy. Personally I wouldn't mind seeing a return to the days of $300/year SSL certificates that actually were a pain to buy because the verification process was stringent. But I also like the idea of free DV certificates for every site so that as much web traffic as possible can be protected from snooping/etc. (I love that Google Gmail is encrypted by default now). Two viewpoints literally at opposite ends of the spectrum from just one person, now imagine the several million Mozilla.org is trying to please to some degree. jjb -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Certificate Patrol error (or malformed ssl certificate?)
Kurt, I suggest you try posting this again, without the image, but WITH the certificate that caused Certificate Patrol to complain. As it is, there's no information in this posting with which anyone can help you. That would be the PEM file I placed in the directory. https://www.seifried.org/tmp/certificate-patrol/easyweb36x.tdcanadatrust.com.pem So, it sounds like this is not a complaint about any Mozilla software, e.g. Firefox or Thunderbird, but rather a complaint about an add-on named Certificate Patrol (of which I'd never heard before reading your message). If so, I suspect this mailing list/newsgroup is the wrong place for your complaint. The people who run the addons server don't participate in this list/newsgroup. Right but I can't find any contact info for certificate patrol and I figured if anyone knew about it, they're probably on this list. That and I couldn't find an add-ons mailing list (how does on get on contact with them?). The word contact doesn't occur at https://addons.mozilla.org/en-US/firefox/ and so on. If you know how to contact the add-ons people that'd be nice to know. -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Certificate Patrol error (or malformed ssl certificate?)
So I logged in to a bank today and Certificate Patrol threw up a warning I haven't seen before (see attached image). What is wrong with this you ask? Look at the dates on the certificates. When is 204/19/2010 exactly? So I downloaded the certificate and ran it through openssl, the text output looks ok, and it looks ok in Firefox's certificate screen. I can't find a way to contact certificate patrol to report a bug though: https://addons.mozilla.org/en-US/firefox/addon/6415 This is the first time I have seen Certificate Patrol do this. If anyone knows how to contact them if you could forward this on I'd appreciate it, or let me know how to contact them that'd work to. CC'ing Joe Schiavo as well just in case the certificate is broken in a subtle manner (although as best I can tell it's ok). It might be a good idea to require some sort of contact info (i.e. email address) or a website with useful information for add-ons so people can get in contact with authors to report bugs/etc. -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Domain-validated name-constrained CA certificates?
This is not an issue. The name constraint makes it impossible for a domain registrant to issue a certificate that validates for a server name outside that domain. Hence, anything bad I do with my intermediate certificate could only hurt me as registrant of mattmccutchen.net. What about www.paypal.com[NULL].yourcompany.com? I assume that would be allowed by the name constraint with respect to fixed software, but still hit some older software that has the NULL certificate bug. I'm also curious what about www.paypal.com[lots of spaces or underscores or something like that].yourcompany.com? -- Matt -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Improper SSL certificate issuing by CAs
Is this another 1st of April joke? At least your timing is a bit questionable ;-) No this is not an April fools joke. The PDF at Linux Magazine is what will be in the print copy (due out in 3 weeks I believe). The reality is you can trivially buy SSL certificates for websites you don't control, easiest way is google for a free webmail provider, register an account like ssladmin or ssladministrator and spend $79 and in 20-30 minutes you'll have a certificate. I sent the emails I received from RapidSSL at the account to provide proof/confirmation as I am unwilling to do something rude (and possibly illegal) like sending out the private key publicly. The reality is anyone can verify this, you need to simply google a webmail provider and spend $79. -- Regards Signer: Eddy Nigg, StartCom Ltd. -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Another protection layer for the current trust model
This does not mean that the certificate verification mechanics are at fault; it only means that CA selection protocol has not been thought out properly: it limped along with a handful of CAs, it is showing the serious symptoms of the malaise with hundreds. In the meantime, does anybody here have any estimate of the number of CAs we expect to be around in the foreseeable future? And what was the number of CAs anticipated when the current anointment protocol was conceived? I think it's more subtle than that, some of the problems in brief: 1) Mozilla/Firefox either trust a CA 100% or not at all. 2) Since I can't adjust trust or have Firefox warn me that I'm viewing a site using a certificate I don't completely trust I can either remove the root certificate, and then encounter unknown certificates and deal with that, or I can manually look at EACH certificate I encounter and figure out who signed it and whether or not I trust them enough (I might trust a site that I simply read, but not to enter my credit card # for example). 3) It's very difficult even for technical users to find out who exactly signed a certificate. For example a certificate is signed by valicert, who is that? (Tumbleweed bought Valicert and then Axway bought Tumbleweed, who the heck is Axway and what exactly do they do?). Or a certificate is signed by beTrust, who is that? (which joined up with Baltimore cybertrust to form Cybertrust, and in turn Verizon purchased the whole thing.). 4) CAs are generally not restricted in whom they can issue certs to, i.e. governmental CA's (Turkey, Holland, Denmark, etc.) are not restricted to issuing certs within .tk, .nl, .dk for example (there are good arguments for and against this, but I think it should at least be discussed, and I'd love to see a bit more user control over this). 5) There is no way for an end user to really verify the CPS/CS stuff, most CAs seem to publish them online, quite a few are out of date by several years 6) There appears to be no re-evaluation for CA's that are bought out or merge with other CAs 7) There are several suspicious and questionable looking CA's in Mozilla/Firefox, e.g.: Internet Publishing Services from Spain, they have 7 certificates, what possible need is there for 7 certificates? 8) The CA approval protocol appears to be largely fail open, they submit paperwork showing they comply with certain standards/etc at a certain time point and then there is a public comment period (where exactly?) and if no-one objects they are in. 9) there is no formal process to revoke certificates for a CA that violate the rules. Heck theres no official set of rules for them to break (one signed malware code, on hundred signed malware codes? a provably weak domain authentication process that allows people to buy certificates for domains they don't own reliably, etc.). 10) I'm not even sure whom exactly to contact about these issues or to report security problems with respect to a CA doing bad things (so I've been lurking on the list for a bit and am now posting). I've also seem these topics raised in this forum, Bugzilla, etc. and nothing much come of them which is what I expect to happen here sadly. One simple question I'd love to see answered: who exactly is in charge of this and what exactly do they do (it seems that certificate approval duty floats around between a few people). -Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto