[cryptography] Allergy for client certificates

ianG iang at iang.org
Sun Oct 6 00:23:44 EDT 2013

On 30/09/13 19:55 PM, Guido Witmond wrote:
> On 09/30/13 17:43, Adam Back wrote:
>> Anyway and all that because we are seemingly allergic to using client side
>> keys which kill the password problem dead.
> Hi Adam,
> I wondered about that 'allergy' myself. I have some ideas about that and
> I'm curious to learn about others.
> Here are mine:
> 1. The long standing belief is that client systems are untrustworthy.
> Any malware will go after the client certificates. So without proper
> sandboxing, capability-security and other partitioning mechanisms, the
> user is toast.

If the client system is untrustworthy, then the user is toast, and the 
password is so much candy.  So this is not something that affects client 
certs one way or another.

> The most popular consumer-OS was (is?) also the most leaky.
> Where was The Hurd when we needed it? Why did people fall for Unix when
> Multics was so much better?
> 2. It's easier to change a password in a database than to talk the user
> through creating and submitting a new pub/priv key pair.

No way.  We've done that work over at CAcert and it is far easier to 
have the user create new certs than to authenticate the user for a new 
password.  In essence what it does is it outsources the "lost password" 
problem over to the certificate business, which is also more efficient.

The problem of client cert management is strictly bad software and not 
enough attention to making it easy.  There is a cert rollover issue, but 
again, that's because there isn't enough attention to it.

> 3. The crypto-programs were too difficult to use. Requiring end users to
> make trust decisions about entities they never heard of.

Again, this is a myth.  It's actually easy enough to run a single 
purpose CA.  It's a few thousand lines of code.

> Who is Verisign
> and why should I trust them

That's certainly a question.

> 4. Client certificates from the big CA-peddlers are akin to digital
> passports, eliminating all non-repudiation.

That's all marketing blather.  It can be ignored for the most part.

> Ie, a privacy problem.

Yes, to the privacy problem.  But that's a lost battle, as if they are 
tracking the users, they are doing it through 100 other mechanisms anyway.

> 5. Only recently, computers have become powerful enough to encrypt
> everything, all the time. Now we can afford to burn cpu cycles on
> encryption without getting usability to suffer.

That's also an old dead argument.  In order to address the phishing 
thing, we have to move everything over to HTTPS.  So we're going to be 
encrypting everything anyway.

