[Freedombox-discuss] FOAF developers taking FreedomBox into their equation

Jonas Smedegaard dr at jones.dk
Thu Mar 10 11:28:57 UTC 2011


On Wed, Mar 09, 2011 at 11:00:38PM -0500, Daniel Kahn Gillmor wrote:
>On 03/09/2011 06:11 PM, Melvin Carvalho wrote:
>> Traditionally we've always 'self signed' our WebID certificates.  So 
>> there's no CA that needs to be in the loop.  In fact, I don't know of 
>> any instance WebID has *ever* been used with a CA, but I suppose it 
>> is possible too. :)
>
>For plain http:// URL WebIDs, there is no CA in the loop; but plain 
>http:// WebIDs are vulnerable to a pretty trivial attack by someone 
>with reasonable control of the network -- all they need to do is forge 
>DNS or intercept traffic to convince the server doing a backhaul lookup 
>that the client's presented WebID cert is legit.  This level of 
>vulnerability to an attacker in control of the network doesn't seem to 
>meet the standards i'd hope for a robust, freedom-preserving scheme.
>
>So that leaves https:// WebIDs, which in turn need some sort of 
>certificate validation.  I'm pretty sure that any WebID that points to 
>an https:// URL relies on the CA cartel to validate the backhaul 
>connection, in the current implementations, no?  Either the certificate 
>validation is not happening (in which case the scheme is vulnerable to 
>an attacker in control of the network again), or the certificate 
>validation relies on some set of CAs.
>
>I'm happy that WebID is trying to sidestep the CA cartel for end-user 
>certificates.  But it seems to rely on either (a) centralized, 
>cryptographically-guaranteed DNS (DNSSEC) or (b) the CA cartel to 
>validate the server-side certificates (or both).  Both of these options 
>leave a handful of fairly unaccountable middlemen with the ability to 
>perform denial of service attacks on end user identities and even 
>impersonations.
>
>I'd love to hear suggestions for improving the scheme to be resistant 
>to these middlemen, but i don't think i've heard any of them yet.

I believe the key to this is the FOAF part: I can, in my FOAF file, 
beyond declaring what friends I have and what WebID public key is linked 
to it, also declare what CAs I trust (which might be only my very own 
FreedomBox).

I imagine FreedomBoxes can then grow a web of trust, not only of people 
but also of CAs.

If some of my close friends trust e.g. CAcert.org then I should also 
trust it - or alternatively I should lower the trust in those friends.
FreedomBox can help with both those logics, I believe.


  - Jonas

-- 
  * Jonas Smedegaard - idealist & Internet-arkitekt
  * Tlf.: +45 40843136  Website: http://dr.jones.dk/

  [x] quote me freely  [ ] ask before reusing  [ ] keep private
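The trust propagation sketched in the message above (derive trust in a CA from the FOAF-declared trust of one's friends, and lower trust in friends who trust a CA one rejects) can be made concrete with a small script. This is an added illustration, not code from Jonas or from the FreedomBox project; the FOAF profiles are modelled as plain Python dicts rather than RDF, the field names `knows` and `trustsCA`, the WebID URLs, the CA labels, the weighted-fraction scoring rule and the 0.5 acceptance threshold are all constructed assumptions for the example.

```python
"""Toy FOAF web of trust over CA declarations (constructed example).

Each WebID maps to a FOAF-like profile declaring (a) friends with a
trust weight in [0, 1] and (b) the CAs the profile owner trusts
directly.  Dict-based modelling and field names are assumptions made
for this example, not part of any FOAF or WebID specification.
"""
from __future__ import annotations

# Constructed sample data: one FreedomBox owner plus three friends.
PROFILES: dict[str, dict] = {
    "https://jonas.example/#me": {
        "knows": {
            "https://alice.example/#me": 0.9,
            "https://bob.example/#me": 0.8,
            "https://carol.example/#me": 0.3,
        },
        # Only my own FreedomBox acts as a CA I trust unconditionally.
        "trustsCA": {"freedombox-jonas"},
    },
    "https://alice.example/#me": {
        "knows": {},
        "trustsCA": {"CAcert.org", "freedombox-alice"},
    },
    "https://bob.example/#me": {"knows": {}, "trustsCA": {"CAcert.org"}},
    "https://carol.example/#me": {"knows": {}, "trustsCA": {"BigCommercialCA"}},
}


def derived_ca_trust(me: str, profiles: dict[str, dict]) -> dict[str, float]:
    """Score each CA seen in my friends' profiles.

    The score is the trust-weighted fraction of my friends who declare
    the CA; CAs I declare myself score 1.0 regardless of friends.
    """
    mine = profiles[me]
    total_weight = sum(mine["knows"].values()) or 1.0
    scores: dict[str, float] = {}
    for friend, weight in mine["knows"].items():
        # A friend whose FOAF file we could not fetch contributes nothing.
        for ca in profiles.get(friend, {}).get("trustsCA", ()):
            scores[ca] = scores.get(ca, 0.0) + weight / total_weight
    for ca in mine["trustsCA"]:
        scores[ca] = 1.0
    return scores


def trusted_anchors(me: str, profiles: dict[str, dict],
                    threshold: float = 0.5) -> list[str]:
    """CAs whose derived score reaches the (assumed) acceptance threshold."""
    scores = derived_ca_trust(me, profiles)
    return sorted(ca for ca, s in scores.items() if s >= threshold)


def revise_friend_trust(me: str, profiles: dict[str, dict],
                        distrusted_ca: str, penalty: float = 0.5) -> dict[str, float]:
    """The alternative branch from the message: instead of adopting a CA,
    lower trust in the friends who vouch for it.

    Returns a new `knows` mapping; the input profiles are not mutated.
    """
    revised: dict[str, float] = {}
    for friend, weight in profiles[me]["knows"].items():
        vouches = distrusted_ca in profiles.get(friend, {}).get("trustsCA", ())
        revised[friend] = weight * (1.0 - penalty) if vouches else weight
    return revised


if __name__ == "__main__":
    me = "https://jonas.example/#me"
    for ca, score in sorted(derived_ca_trust(me, PROFILES).items()):
        print(f"{ca:20s} {score:.2f}")
    print("accepted anchors:", trusted_anchors(me, PROFILES))
    print("after rejecting BigCommercialCA:",
          revise_friend_trust(me, PROFILES, "BigCommercialCA"))
```

With the constructed data, CAcert.org is vouched for by the two well-trusted friends and crosses the threshold, while the CA that only the weakly-trusted friend declares does not; rejecting that CA halves the weight of the friend who vouched for it, which is the second "logic" the message describes. Scores are re-derived from the fetched FOAF files each time, so the result only ever reflects declarations that are actually published, and an unreachable friend contributes nothing rather than a cached opinion.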