February 10, 2004

CAcert debate leads rethink for SSL certs

A cert for a new CA, conveniently named CACert, is being proposed for addition to Mozilla, the big open source group pushing out a successful browser.

As CACert is not a commercial organisation, and doesn't sell its certs for any sort of real money, this has sparked quite a debate.

Mozilla Foundation has held firm to its non-commercial roots so far, by announcing and publishing a draft policy and faq that espouses no-cost CA Cert addition, and fairly perfunctory checks.

The groundswell for reworking browser approach to the crypto security layer is growing. In 2003, I pressed the debate forward with a series of rants attacking the SSL/HTTPS (in)security design.

I suggest the way is now open for cryptographers to adopt economic cryptography, rather than the no-risk cryptography approach used and since discredited in SSL.

In the specific case of SSL/HTTPS, we recommend moving to:

  • opportunistic cryptography, as employed successfully by SSH system:
    • acceptance of self-signed certs by browsers, and
    • automatic generation of self-signed certs by servers;
  • the switch of emphasis to browser presentation of security information and the branding of certs and CAs.

Copying the successful economic cryptography model of SSH would definitely lift the ugly duckling SSL crypto system up out of the doldrums (1st in above rants page, "How effective is open source crypto?" discusses the woeful statistics for SSL certificate usage).

Posted by iang at February 10, 2004 09:37 PM | TrackBack

To enter the debate, subscribe to the mozilla-crypto mailing list at mozilla-crypto@mozilla.org through this page: http://mail.mozilla.org/listinfo/mozilla-crypto or, enter this news group: netscape.public.mozilla.crypto

Posted by: Ian Grigg at February 12, 2004 08:48 AM