firefox and bad ssl certificates

Thu May 8 01:38:09 UTC 2008

On Wed, 7 May 2008 17:36:54 -0600 Neal McBurnett <neal at bcn.boulder.co.us> 
wrote:
>On Thu, May 08, 2008 at 12:45:46AM +0200, Martin Pitt wrote:
>> Peio Ziarsolo [2008-05-07 13:03 +0200]:
>> > But for power user that know the significance of a bad certificate it's
>> > annoniying add exceptions (this morning I have to add 3 esceptions).
>> 
>> This doesn't have anything to do with power users/n00bs. An invalid
>> SSL certificate isn't any better or worse depending on the type of
>> user. If a site sets up SSL with an invalid certificate, then this
>> buys the user nothing but a false sense of security.
>> 
>> The proper approach to this IMHO is to make adding exceptions in all
>> web browsers (especially IE) as hard and explicit as in Firefox 3.
>> This would perhaps force site admins to get a grip and stop ignoring
>> broken SSL certs, once they get a flood of complaints.
>> 
>> > Is there any key to toogle off this new feature? 
>> 
>> I *so much* hope that there isn't. People should really start to
>> understand that this is a SERIOUS error and shouldn't at all be
>> considered 'normal'.
>
>Invalid certs are one thing.  But doesn't this also affect self-signed
>certs?
>
>Self-signed certs are appropriate for many use cases in which the goal
>is primarily encryption (e.g. to protect data flowing back from the
>server to the user), rather than e.g. protecting bank accounts by
>authenticating the server to the user.  E.g. connecting to a local
>ebox management port, or a small community wiki.
>
>In many low-security situations, this change pushes server operators
>into buying pricey certs from certificate vendors who often offer
>little or no meaningful vetting and accept zero liability.
>
>This stuff is complicated, involves politics, and can't be painted
>with such a broad brush.  Education is a big part of it, like with most
>security-related issues.
>
>The current warnings are confusing, and are being improved.  Let's try
>to see to it that they communicate as well as possible.  Otherwise too
>many grass-roots sites will just go back to asking folks to enter
>passwords over unencrypted connections, or users will get used to
>bypassing yet another set of dialogs and phishing will continue
>scarcely abated.
>
>E.g. how hard is it for folks to buy in to their own web of trust and
>get e.g. all CACert certs accepted?
>
> http://cacert.org
>
I think you are correct.  This "improved security" may well have the 
opposite result.

Additionally, a valid SSL cert for a particular domain does nothing to 
solve phishing based on near-match (cousin) domains.  Unlike email, exact 
domain forgery is not the major problem.  If I own paypa1.com, I can get a 
valid SSL cert for it too.

SSL (aka TLS) is about securing data from external observation.  Trying to 
overlaod it with a hierarchical CA cert system does not provide substantial 
endpoint authentication.  At best it helps against exact domain spoofing 
(via DNS attacks).  At worst it encreases user risk due a false sense of 
security.

In my experience these kinds of U/I hurdles just annoy and desensitize the 
user and do not provide any real security.

Scott K