[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Self-signed certificate behavior.

From: Giuseppe Scrivano
Subject: Re: Self-signed certificate behavior.
Date: Tue, 05 Aug 2008 11:48:37 +0200
User-agent: Thunderbird (Windows/20080708)

Hi Gervase,

do you think it is possible to have these changes directly in Mozilla Firefox? Self-signed certificates, IMHO, should be handled in a less scaring way for users because as Nat already showed, they are not less secure than unencrypted sites.

To all: does anybody know of an open certificate authority which issues certificates for free? There is really need for such service?


Nat Tuck wrote:
I recently made a blog post complaining about the behavior in Firefox
3 re: self-signed certificates.

After that post got Slashdotted, I got an email from Giuseppe Scrivano
saying that he was interested in implementing better certificate
behavior in IceCat. The question is this:
What is the optimal certificate handling behavior for a web browser?

A self-signed certificate or a certificate signed by an unknown
certificate authority shouldn't be treated as an error. Sites with
such certificates are no less secure than unencrypted sites. They also
shouldn't be marked the same as PKI authenticated sites, since they
haven't been authenticated in any way.

The current behavior of Firefox 3 - showing a scary warning page
instead of any unauthenticated https site - does protect against one
specific attack compared to simply allowing self-signed certificates.
If the attacker has control over the user's DNS and the user is
visiting a https URL directly (i.e. through a bookmark), this behavior
will prevent the attacker from simply redirecting the user to his
phishing site with a self signed certificate on it.

Any new interface should have some mechanism to at least warn about
that attack - I suggest storing a certificate the first time a user
visits a secure site and notifying the user if the site ever presents
a different certificate. This also provides some protection against
MITM attacks with self-signed certificates. The warning can't be too
scary though - this will happen every time a certificate expires and
is replaced.


-- Nat Tuck

reply via email to

[Prev in Thread] Current Thread [Next in Thread]