[cryptography] Auditable CAs

Chris Richardson chris at randomnonce.org
Mon Nov 28 16:32:50 EST 2011

Right.  Or to think about it a different way:

Facebook uses a CA-signed cert.  Users connecting to Facebook get no
errors/warnings (assuming no one mucks with the connection)
If someone is mucking with my connection, I get a self-signed Facebook
cert and the appropriate warning screen.

In this case, I know that that my connection is being mucked with
because I know (ahead-of-time/out-of-band) that Facebook uses a
CA-signed cert.

If in several years, I get a cert-does-not-have-audit-proof warning
for Facebook, how will I know if that's because
1. Facebook has chosen a CA that does not use the audit system
2. Facebook has chosen a CA that uses the audit system, but Facebook
chooses not to participate in the audit system
3. Someone is mucking with my connection.

The current system is no stronger than the weakest CA.  I think this
proposal is interesting, but I'm not certain it's any stronger than
the systems that do not participate in it

 -- Chris.

On Mon, Nov 28, 2011 at 1:46 PM, Seth David Schoen <schoen at eff.org> wrote:
> Ben Laurie writes:
>> > How will the opt-out mechanism work so that it is not degraded by uses
>> > clicking through a warning?
>> Don't quite understand the question: if you have opted out you
>> shouldn't get a warning, surely?
> I think that question was about unilateral client-side opt-out (users
> ignoring security warnings) rather than the organized deployment of a
> non-public CA.
> --
> Seth Schoen  <schoen at eff.org>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

More information about the cryptography mailing list