[SSL Observatory] SSL CA compromise in the wild
Steve Schultze
sjs at princeton.edu
Wed Mar 23 09:48:51 PDT 2011
SSH is just TOFU. So, the current CA model with HSTS is at least as good as SSH, and probably better because at least you first have to compromise a CA. Mozilla and Chrome implement HSTS.
http://en.wikipedia.org/wiki/User:Dotdotike/Trust_Upon_First_Use
http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
http://blog.sidstamm.com/2010/08/http-strict-transport-security-has.html
On Mar 23, 2011, at 12:28 PM, Chris Palmer wrote:
> On 03/23/2011 08:52 AM, Matt McCutchen wrote:
>
>> The SSH "model" is a cop-out.
>
> Its problems are significantly less bad than the status quo. Right now,
> anyone who controls any one of the 1,400+ signing certificates (~650
> organizations, many of them proven not to practice even basic sanity
> checking on what they sign, and now at least one affirmatively pwned)
> can own the entire internet.
>
> Obviously, The True Internet Authentication Scheme will be better than
> SSH. But we could do a lot worse than adopting the SSH model in the
> medium term.
>
>
> --
> Chris Palmer
> Technology Director, Electronic Frontier Foundation
> https://www.eff.org/code