Re: [tor-relays] OT :Self-signed SSL certs - was - Re: Watching the attacks on my relay

2013-11-09 Thread Roman Mamedov
On Sat, 9 Nov 2013 12:50:18 +
mick wrote:

> I don't see any problem per se with a self-signed certificate on a site
> which does not purport to protect anything sensitive (such as financial
> transactions). The problem with this particular certificate is that
> the common name identifier is both wrong (www) and badly formatted
> (http://). But both of those errors can be corrected very quickly.
> 
> Why pay a CA if you don't trust the CA model?

If your primary objection is the need to pay for certificates (and not e.g. the
possibility of CA itself being backdoored etc), then I'd suggest considering
CACert[1]. It provides free wildcard certificates which are already trusted
out of the box by some[2] FOSS operating systems such as Debian.

I'd say it is better than trusting individual self-signed certs, and somewhat
better than using your own root CA cert, since it saves the effort required to
install your own CA on all machines you need to use it on.

[1] http://www.cacert.org/
[2] http://wiki.cacert.org/InclusionStatus


-- 
With respect,
Roman


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


Re: [tor-relays] OT :Self-signed SSL certs - was - Re: Watching the attacks on my relay

2013-11-09 Thread mick
On Sat, 9 Nov 2013 21:30:13 +0600
Roman Mamedov allegedly wrote:

> On Sat, 9 Nov 2013 12:50:18 +
> mick wrote:
> 
> > I don't see any problem per se with a self-signed certificate on a
> > site which does not purport to protect anything sensitive (such as
> > financial transactions). The problem with this particular
> > certificate is that the common name identifier is both wrong (www)
> > and badly formatted (http://). But both of those errors can be
> > corrected very quickly.
> > 
> > Why pay a CA if you don't trust the CA model?
> 
> If your primary objection is the need to pay for certificates (and
> not e.g. the possibility of CA itself being backdoored etc), then I'd
> suggest considering CACert[1]. It provides free wildcard certificates
> which are already trusted out of the box by some[2] FOSS operating
> systems such as Debian.
> 
> I'd say it is better than trusting individual self-signed certs, and
> somewhat better than using your own root CA cert, since it saves the
> effort required to install your own CA on all machines you need to
> use it on.
> 
> [1] http://www.cacert.org/
> [2] http://wiki.cacert.org/InclusionStatus
> 

Roman

Paying for certificates is not my objection. My objection is to the
model which says that "if I give money to a commercial entity in
exchange for a certificate, that means that the trust chain is valid."

I've actually bought certificates for websites I managed in the past
and I am deeply unimpressed with the process. And, as you say, the cert
could be backdoored. There are a huge number of CAs from all over the
place in the default set shipped in ca-certificates - who do I trust? 

I have looked at CA-Cert in the past. They have the problem of very
limited acceptability
(https://en.wikipedia.org/wiki/Comparison_of_SSL_certificates_for_web_servers) 

But as I said, in my particular case, my certs are there to protect my
credentials in transit. I don't have to care about whether others
trust me. So I don't need a CA. (Though if I did want others to trust
me, I'd probably use CAcert).

Best

Mick
  
-

 Mick Morgan
 gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
 http://baldric.net

-





Re: [tor-relays] OT :Self-signed SSL certs - was - Re: Watching the attacks on my relay

2013-11-09 Thread nb.linux
Hi List :)

Paul Syverson:
> You may want to take a look at
> https://blog.torproject.org/blog/life-without-ca

What about the Perspectives addon?
http://www.cs.cmu.edu/~perspectives/
(or http://perspectives-project.org/ where it redirects me)
and the talk "BlackHat USA 2011: SSL And The Future Of Authenticity"
https://www.youtube.com/watch?v=Z7Wl2FW2TcA

[CW]ould you recommend using it? (e.g. in conjunction with Certificate
Patrol)

I have the impression there aren't that many people regularly using
(and relying on) it.

But probably, it could be interesting to (1) have a notary as a hidden
service and/or (2) as normal (outside tor) server that does the queries
through tor. If in addition, (3) the Perspectives user uses tor for the
queries, (s)he hides his identity from the notary.

Purpose of (1): Hide the notary to make it harder to MiM it.
Purpose of (2): Randomly* change the perspective of the notary as it
views through the exit.

For (2):
- On the other hand, the "quality of results" then depends on the number
of exit nodes and the probability to choose different exits (with high
bandwidth exits being chosen more frequently by tor(?)).
- Effectively, this would be the same as without Perspectives and using
tor to retrieve the SSL certificates, though it would require multiple
exit node changes and queries to get multiple views.

I have to admit that I'm not knee deep into these topics, so consider
these just as some unqualified thoughts...
-- n
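
The point raised under (2) above, that views gathered through Tor are only as good as the number of different exits actually used, shown as an added example that is not part of the original thread and is not Perspectives' own code or algorithm. It is a simplified agreement check; the exit labels, the quorum of 3 and the byte strings standing in for DER certificates are constructed assumptions.

```python
import hashlib
from collections import Counter

# Constructed stand-ins for DER-encoded certificates (not real certificates).
SERVER_CERT = b"constructed DER bytes: certificate the server really presents"
OTHER_CERT = b"constructed DER bytes: a different certificate for the same name"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as hex."""
    return hashlib.sha256(der).hexdigest()


def assess(local_der, observations, quorum=3):
    """Compare the locally seen certificate with views from other vantage points.

    observations: iterable of (vantage_id, der_bytes), where vantage_id names
    the network position a view came from (hypothetical exit labels here).
    Only the first answer per vantage_id is counted, so repeated queries
    through the same exit add no weight.
    """
    views = {}
    for vantage, der in observations:
        views.setdefault(vantage, fingerprint(der))
    tally = Counter(views.values())
    agree = tally.get(fingerprint(local_der), 0)
    if len(views) < quorum:
        verdict = "insufficient-views"   # too few independent perspectives
    elif agree >= quorum:
        verdict = "consistent"           # enough vantage points see our cert
    elif agree == 0:
        verdict = "local-view-differs"   # nobody else sees what we see
    else:
        verdict = "split"                # vantage points disagree
    return {"verdict": verdict, "distinct_views": len(views), "agree": agree}


if __name__ == "__main__":
    # Four queries, but only two distinct exits: not enough for a quorum of 3.
    repeated = [("exit-A", SERVER_CERT), ("exit-A", SERVER_CERT),
                ("exit-B", SERVER_CERT), ("exit-B", SERVER_CERT)]
    print(assess(SERVER_CERT, repeated))
    # Three distinct exits all see a certificate other than the local one.
    elsewhere = [("exit-A", SERVER_CERT), ("exit-B", SERVER_CERT),
                 ("exit-C", SERVER_CERT)]
    print(assess(OTHER_CERT, elsewhere))
```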