[cryptography] After the dust settles -- what happens next? (v. Long)
iang at iang.org
Sun Sep 11 19:50:17 EDT 2011
Lucky & Peter said:
>> Moreover, I noticed that some posts list one or more desirable properties and requirements together with a proposed solution.
> That's the nice thing about PKI, there's more than enough fail to go around.
So, what happens now? As we all observe, there are two approaches to dealing with the collapse of faith of the PKI system: incremental fixes, and complete rewrite. Anything that looks like a rewrite isn't going to happen, so incremental it is.
Perhaps a more important question is:
...... Who is going to do all this?
I think we have enough information on the table to figure it out. And that will answer the what/where/how.
Let's raise the bar: Firstly, only those who can deploy will succeed. Secondly, you have to play to win, and finally, you have to win to keep playing!
After a lot of elimination, the winner is: google!
With CA pinning and vendor-revocation. Adam described how pinning worked, and correctly called it a hack. But that was just a CS observation, or apology.
This is almost entirely a governance project, and the rules of governance apply. At that, the project stands tall: Risk management clearly suggests there is a list of high value certs to be pinned, and the architecture clearly identifies the client browser where this sort of processing should go on. The rest is implementation details; and the same could be said for its fast vendor revocation.
Any vendor could have done this? Right? I'd say not.
Google has one more notable advantage: it is the only player with all interests aligned.
This business is about "interests" and consequently, the solution-space has always been led by whosoever can form the dominant group of interested parties. Include one group, exclude another.
So what makes google different? All of the at-risk players can be brought into the same room. (This has probably never happened before.)
Like all vendors, Google is a relying party, acting as proxy for its end-users. However, google is also a subscriber, and therefore its users are really its users. With feeling, and with profits, directly.
A threat to a gmail user is a threat to the advertising, which is a threat to the revenue stream. It doesn't get more direct nor primary than that.
In contrast, Microsoft's revenue stream is more dispersed (windows & word) so developers there tend to go for grand sweeps like InfoCard and .Net. Similar things can be said about other vendors.
For google, and for user security, all the important parties are in the same room. So, google developers can hack for these interests. In ways that directly protect the parties needing direct protection. In ways that others cannot.
So what happens now? In the near term, google will refine its revocation mechanism for known-bad certs. In fullness of time, we will have several distinct certificate revocation mechanism. Call them:
Class A: authority revocation at vendor.
Class B: bad/fraud Cert, at vendor.
Class C: contract revocation by CA.
Then there is pinning. This was hacked in as a fixed list of high-profile sites. That's just a start. Google will expand this in its natural direction. What this is depends on what works for google, alone. Which means, what protects gmail, etc, and keeps those ads served, those buyers and sellers meeting.
Which is the next clue. Lucky Green stated that an original goal of secure browsing (or the "SSL system" in his words) was to introduce the consumer reliably to a merchant site, where that first person didn't already know the site (second person). Hence the third party.
But in this case, google is already the third person, because it also serves the ad. It knows the merchant. So the next thing that is going to happen is google will serve up the ad reliably. Which means, one click, and we go HTTPS-everytime.
Straight in, shopping, happy faces. The cert will be pre-verified, and chrome will know it.
The rest will be implementation details. As this is a crypto list, technical questions will flood in like a tsunami ... But, step back from the bits&bytes, the crypto, the links and handovers and policies.
Think back to the goal: google wants to introduce its users to its advertisers. Through its browser. On its website.
Google will solve this. I could add, "and I'd put good money on it!" But I don't need to; the lion's share of google's revenues - advertising - are on it already.
Good luck guys!
More information about the cryptography