bug-gnuzilla

Re: Self-signed certificate behavior.


From: Bruno Miguel
Subject: Re: Self-signed certificate behavior.
Date: Tue, 5 Aug 2008 11:55:04 -0030

The first step, I think, should be providing something that doesn't
look like an error404 page and provides some info to the user about the
event. The other stuff is too technical for me.

On 8/5/08, Giuseppe Scrivano <address@hidden> wrote:
> Hi Gervase,
>
> do you think it is possible to have these changes directly in Mozilla
> Firefox?  Self-signed certificates, IMHO, should be handled in a less
> scary way for users because as Nat already showed, they are not less
> secure than unencrypted sites.
>
> To all: does anybody know of an open certificate authority which issues
> certificates for free?  Is there really a need for such a service?
>
> Regards,
> Giuseppe
>
>
> Nat Tuck wrote:
>> I recently made a blog post complaining about the behavior in Firefox
>> 3 re: self-signed certificates.
>>   http://pandion.ferrus.net/2008/07/31/mozilla-ssl-policy-bad-for-the-web
>>
>> After that post got Slashdotted, I got an email from Giuseppe Scrivano
>> saying that he was interested in implementing better certificate
>> behavior in IceCat. The question is this:
>> What is the optimal certificate handling behavior for a web browser?
>>
>> A self-signed certificate or a certificate signed by an unknown
>> certificate authority shouldn't be treated as an error. Sites with
>> such certificates are no less secure than unencrypted sites. They also
>> shouldn't be marked the same as PKI authenticated sites, since they
>> haven't been authenticated in any way.
>>
>> The current behavior of Firefox 3 - showing a scary warning page
>> instead of any unauthenticated https site - does protect against one
>> specific attack compared to simply allowing self-signed certificates.
>> If the attacker has control over the user's DNS and the user is
>> visiting a https URL directly (i.e. through a bookmark), this behavior
>> will prevent the attacker from simply redirecting the user to his
>> phishing site with a self-signed certificate on it.
>>
>> Any new interface should have some mechanism to at least warn about
>> that attack - I suggest storing a certificate the first time a user
>> visits a secure site and notifying the user if the site ever presents
>> a different certificate. This also provides some protection against
>> MITM attacks with self-signed certificates. The warning can't be too
>> scary though - this will happen every time a certificate expires and
>> is replaced.
>>
>> Thoughts?
>>
>> -- Nat Tuck
>
>
>
>
> --
> http://gnuzilla.gnu.org
>
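
The store-and-compare behaviour Nat Tuck suggests in the quoted message, sketched as an added example (not code from this thread, IceCat or Firefox). The class and function names, the 30-day rotation window and the graded notice levels are assumptions, and the certificates are constructed byte strings.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumption: a replacement this close to the pinned cert's expiry is routine.
ROTATION_WINDOW = timedelta(days=30)

@dataclass
class Pin:
    fingerprint: str     # SHA-256 over the certificate's DER bytes
    not_after: datetime  # expiry of the certificate that was pinned

class PinStore:
    """Hypothetical in-memory trust-on-first-use store keyed by (host, port)."""
    def __init__(self):
        self._pins = {}

    def check(self, host, port, der, not_after, now):
        key, fp = (host.lower(), port), hashlib.sha256(der).hexdigest()
        pin = self._pins.get(key)
        if pin is None:
            self._pins[key] = Pin(fp, not_after)
            return "first-visit"         # remember it; site stays unauthenticated
        if pin.fingerprint == fp:
            return "match"
        # Different certificate: keep the old pin until the user decides.
        if now >= pin.not_after - ROTATION_WINDOW:
            return "changed-expected"    # old cert expired or expiring: mild notice
        return "changed-unexpected"      # old cert had long to run: prominent notice

    def accept(self, host, port, der, not_after):
        """Replace the pin after the user acknowledges the new certificate."""
        fp = hashlib.sha256(der).hexdigest()
        self._pins[(host.lower(), port)] = Pin(fp, not_after)

def demo():
    # Constructed stand-ins for DER certificates and their expiry dates.
    cert_a, exp_a = b"constructed-cert-A", datetime(2009, 8, 5, tzinfo=timezone.utc)
    cert_b, exp_b = b"constructed-cert-B", datetime(2010, 8, 5, tzinfo=timezone.utc)
    t0, site, store = datetime(2008, 8, 5, tzinfo=timezone.utc), ("blog.example", 443), PinStore()
    out = [store.check(*site, cert_a, exp_a, t0),
           store.check(*site, cert_a, exp_a, t0 + timedelta(days=1)),
           store.check(*site, cert_b, exp_b, t0 + timedelta(days=10)),
           store.check(*site, cert_b, exp_b, exp_a - timedelta(days=5))]
    store.accept(*site, cert_b, exp_b)
    return out + [store.check(*site, cert_b, exp_b, exp_a)]

if __name__ == "__main__":
    print(demo())
```

The old pin is kept until `accept` is called, so a mismatch keeps being reported on every visit rather than being silently overwritten.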



