On Jul 22, 2009, at 11:40 AM, Mark H. Wood wrote:
On Wed, Jul 22, 2009 at 03:09:25PM +0200, André Warnier wrote:

While not contradicting the essence of the above, I would like to know something for my own edification, if some expert could comment.

I don't think of myself as an expert, but I'm free with my opinions. :-)

[a desire to secure communication among a small, select group using SSL]

It is my understanding that we could set up our own "certificate authority" (CA) and create our own server certificates. A customer browser, upon the first connection, would pop up some message indicating that it cannot verify this certificate, and offering maybe to "authorise" our own CA as a valid one. Once they did this, the popup would not happen again, and their communications with the website would be encrypted (which is the main point of the exercise).

I understand that, in case their DNS system is compromised, they could land onto another website pretending to be ours, and thus accept this other website certificate and CA.

But I consider this possibility as relatively unlikely, and easily detected by the customers themselves once they proceed.

(*) Is anything wrong with the above thinking?

I don't think there's anything wrong, since your judgment of your risk is your own to make, but I do want to suggest that you might consider delivering your CA certificate in advance by other means. A CA certificate, in isolation, is an *unsubstantiated*, *untestable* assertion of identity and authority.

A good CA is similar to good wine. It is getting better with age. One of the oldest unsubstantiated and untestable assertions of identity and authority was announced by Jesus about 2000 years ago: "I am who I am" ... and with time about 2 billion people know it :)

It should be delivered either directly from the CA to the trusting party, or via a mutually trusted third party. (If you have a site which is secured by a commercial certificate that your partners can verify, that might qualify as a trusted mechanism.)

I dislike the idea of training people to accept identity "proofs" from sources that could turn out to be random strangers, or to bypass warnings. Unlikely though such an attack may be, such training sets people up to think in ways that tend to compromise security. It should be the norm to expect a verifiable exchange when agreeing to trust.

I do think it is quite sensible to set up a private CA for the purpose you describe, and to rely on its certificates for privacy. I only think that the distribution of the CA's own certificate should be done very carefully, since it is the key to the whole security infrastructure that you want to build.

--
Mark H. Wood, Lead System Programmer mwood@xxxxxxxxx
Friends don't let friends publish revisable-form documents.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info.
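
The point made in the thread, that a CA certificate should reach the trusting party by a separate, trusted route, can be turned into a mechanical check: the CA operator hands over the certificate's SHA-256 fingerprint in person or by phone, and the recipient compares it with the file they downloaded before trusting it. This is an added example, not code from the thread; the function names are hypothetical and the sample "certificate" is constructed placeholder bytes in a PEM envelope.

```python
import base64
import hashlib
import hmac
import ssl


def make_pem(der: bytes) -> str:
    """Wrap DER bytes in a PEM certificate envelope."""
    body = base64.encodebytes(der).decode("ascii")
    return "-----BEGIN CERTIFICATE-----\n" + body + "-----END CERTIFICATE-----\n"


# Constructed sample: placeholder bytes, not a real X.509 certificate.
# The fingerprint is a hash over the DER bytes, so the check works the same.
SAMPLE_PEM = make_pem(b"constructed stand-in for the private CA certificate")


def fingerprint(pem: str) -> str:
    """SHA-256 over the certificate's DER encoding, as lowercase hex."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()


def printable(fp_hex: str) -> str:
    """CA side: colon-separated form to print on paper or read over the phone."""
    return ":".join(fp_hex[i:i + 2] for i in range(0, len(fp_hex), 2)).upper()


def normalize(fp: str) -> str:
    """Client side: accept 'AB:CD:...', spaced or plain hex; reject anything else."""
    cleaned = "".join(ch for ch in fp if ch not in ": -\t\r\n").lower()
    if len(cleaned) != 64 or any(ch not in "0123456789abcdef" for ch in cleaned):
        raise ValueError("not a SHA-256 fingerprint")
    return cleaned


def ca_matches(downloaded_pem: str, out_of_band_fp: str) -> bool:
    """True only if the downloaded CA file hashes to the separately delivered value."""
    return hmac.compare_digest(fingerprint(downloaded_pem), normalize(out_of_band_fp))


if __name__ == "__main__":
    handed_over = printable(fingerprint(SAMPLE_PEM))       # delivered in person
    print("genuine file accepted:", ca_matches(SAMPLE_PEM, handed_over))
    swapped = make_pem(b"constructed certificate served by an impostor site")
    print("swapped file accepted:", ca_matches(swapped, handed_over))
```

The check is only as strong as the channel the fingerprint travels over; a fingerprint published on the same site that serves the certificate adds nothing.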