[Freedombox-discuss] Debian as though cryptographic authentication mattered Questions

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Aug 5 20:55:13 UTC 2011

On 08/05/2011 04:24 PM, Melvin Carvalho wrote:
> You can self sign web server certs.  This is what I do.

Of course you can.  You can also use OpenPGP certificates (RFC 6091), or
arbitrarily-signed X.509 certificates that are validated through the
OpenPGP WoT (this is what the monkeysphere firefox extension does).  And
there are probably other mechanisms as well.  You can use these
mechanisms for your client-side certs directly, even.

The problem comes when you expect other parties to verify your identity.

Consider server A.

You want to prove your identity to server A.  You hand server A your
self-signed client-side WebID cert which contains a pointer back to a
URL on your own web server, B (and you prove in the TLS handshake that
you control the secret key corresponding to your WebID cert).

Server A now needs to connect to web server B, and verify that the cert
fetched from B matches the one you uploaded.

If server B offers its data via cleartext HTTP, then anyone in control
of the network can impersonate you by MITMing the A→B connection.

If server B offers its data via HTTPS with a certificate that server A
does not know how to verify, then anyone in control of the network can
*also* impersonate you by MITMing the A→B connection.

Server A is the relying party in this case -- If they can only rely on
the CA cartel, then you're back to the dependency on the CA Cartel i
pointed out originally.

If server A *does* have a mechanism for verifying certificates outside
the CA cartel, then they could use that mechanism on your client cert
directly; so Web ID itself might not be necessary.

Web ID appears to leverage the CA Cartel to indirectly verify
client-side certificates.  This is a win (because it means that end
users don't have to get *themselves* certified by a member of the
cartel), but it's not far enough for what i want -- members of the
cartel are still untrustworthy-yet-trusted middlemen.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110805/3b22c070/attachment.pgp>

More information about the Freedombox-discuss mailing list