A precise analysis of the situation we are in, is given by Chris Palmer, Seth Schoen and Peter Eckserly  in It’s Time to Fix HTTPS.  They make some key points that I would like to see stressed more in the discussions:

  1. Usability is the number one problem for security on the Internet
  2. The security model for browser PKI certificates is not properly understood by users, developers or administrators.
  3. SSL certificates are subject to some perverse incentives that lowers the real security

I like the statement about security:

  • If people don’t understand it, we engineered it wrong.

and the more realistic statement

  • Let us start by making a security model that requires only one advanced degree to understand.

If the solution proposed in the presentation is a good one I do not know.  Any solution that trusts everchanging sources runs the risk of being gamed.  Any static solution runs the risk of not being updated.

I hope the last statement about making something that requires only one advanced degree is possible.  The current use of SSL certificates is what I regard as

  • The server promised to encrypt your communication, and they may be who they claim to be (but check out of band if you really care)
Advertisements