Domain: networknotary.org
Stories and comments across the archive that link to networknotary.org.
Comments · 21
-
Re:Expired certificate on bug report host's server
Eep. Well, it expired 3 days ago. But yeah.
According to Perspectives, it's been consistent for the past 176 days. Good enough for me.
-
Re:Perspectives
The idea is that the client doesn't rely on just one notary, the client checks several of them, chosen at random from a large list. So the attacker has to compromise all of the notaries the client chooses to use, simultaneously, and without knowing which notaries the client might use. The attacker could block access to all of the notaries but the one he's compromised, but that's trivially defeated by configuring the client to require multiple successful validations, and to refuse to validate at all if many notaries appear to be offline.
That is a good idea.
However, by looking at the code I can see a few weaknesses:
There's a single point of failure: the notary list. If you can manage to provide your own, you're set, no matter how many notaries there are.
Fortunately, the list is signed. Less fortunately, it's vulnerable to replay attacks. One could make the job easier by saving an old list with few servers. Also all of the notaries are on the same domain which probably is not a good thing.
Further, keep in mind that Marlinspike's system doesn't have to be a replacement for the existing PKI. It can stand beside it, and clients can be configured to require both systems validate a server's certificate before considering it valid. This would make the attacker's job nearly impossible.
Now that's more along the lines of what I was saying.
However, what about false positives?
Realistically most of the time you'll be seeing false positives from Perspectives. Lots of certs only last a year, there's only 365 days in one. If you browse around enough you will see a validation errors pretty often, for every time a cert is renewed. The current gmail cert expires on 19/12/2011, will you stay away from gmail until Perspectives is happy with the new cert?
-
Re:CAs are dinosaurs
Self-signed certs, distributed verification system. Try it out now:
http://www.networknotary.org/firefox.html
Have you been living in a cave?
-
Re:Convergence
The attack appears to have been targeting Gmail users specifically.
Okay, then, more relevantly, multiple views on Gmail's certificate.
That'll give you a good idea if someone's MITMing you.
-
Re:Convergence
Thanks for bringing this up. Every time we talk about SSL issues folks fail to bring up the notaries-based systems. (Even during the last
/. article, which was really about Marlinspike's Convergence.)Additional information: Convergence is based on Perspectives.
Network notaries let you see a diverse views of the public key(s) used by an HTTPS server over time.
As an example, here are multiple views of Google's SSL.
-
Re:Convergence
Thanks for bringing this up. Every time we talk about SSL issues folks fail to bring up the notaries-based systems. (Even during the last
/. article, which was really about Marlinspike's Convergence.)Additional information: Convergence is based on Perspectives.
Network notaries let you see a diverse views of the public key(s) used by an HTTPS server over time.
As an example, here are multiple views of Google's SSL.
-
Re:So now where should hobbyists turn?
Against what trusted source would they verify the fingerprint?
Using the following two Firefox plugins gets you pretty effective certificate vouching:
-
Re:Self-signed certs + notaries?
Yeah, but...
Here's the current list of Perspectives notaries:
cmu.ron.lcs.mit.edu
convoke.ron.lcs.mit.edu
mvn.ron.lcs.mit.edu
hostway.ron.lcs.mit.edu
Not exactly a robust distributed web of trust without a single point of failure. And I really don't want to put that much trust in MIT since the Josef Oehmen thing... -
Self-signed certs + notaries?
Why not switch to self-signed certs + a notary system like Perspectives? It would at least be an improvement on today's situation, since there would be no need for CAs and there would be some MITM prevention built into the system.
-
Better SSL Protection TODAY
You can increase your SSL security today by using Perspectives.
It tells you if others are seeing the same cert you're getting from a website. So it protects against MITM attacks.
-
Re:PGP certs
http://www.networknotary.org/
Perspectives is a wonderful little Firefox extension (with Chome beta) that does exactly as you suggest - uses a web of trust to automatically bypass errors for self-signed certificates, while also detecting stuff like these fraudulent Comodo certs. -
Re:Don't trust CAs at all
I highly recommend the Perspectives Firefox extension. It basically compares the cert you are handed to the one everyone else received (including in the past), which would have detected the fraudulent Comodo certs. Much easier than running around to multiple connections.
-
Re:Not good enough
I highly recommend the Perspectives Firefox extension. It basically compares the cert you are handed to the one everyone else received (including in the past), which would have detected the fraudulent Comodo certs.
-
Defense In Depth
However much you decide to trust the CAs your browser comes with, you can add some checks to the SSL validation process.
1. Check that others are seeing the same cert that you are.
2. Check that the cert for a site has been consistently what you're getting now.Tools for this: Perspectives and Certificate Patrol.
Example details from Perspectives check of an HTTPS site
Brief blog entry on Certificate Patrol -
Defense In Depth
However much you decide to trust the CAs your browser comes with, you can add some checks to the SSL validation process.
1. Check that others are seeing the same cert that you are.
2. Check that the cert for a site has been consistently what you're getting now.Tools for this: Perspectives and Certificate Patrol.
Example details from Perspectives check of an HTTPS site
Brief blog entry on Certificate Patrol -
some protection
Have your browser monitor for when certs are updated. And use public notaries to tell you whether others are seeing the same certs for the site.
An example of who else is seeing the addons.mozilla.org cert you're seeing.
-
some protection
Have your browser monitor for when certs are updated. And use public notaries to tell you whether others are seeing the same certs for the site.
An example of who else is seeing the addons.mozilla.org cert you're seeing.
-
SSL certs discussion: always note these
Here are a couple Firefox addons that can help you avoid compromised certificates/CAs:
- Perspectives - crowdsourced cert recognition
- Certificate Patrol - tells you when certs change
-
Things You Can Do On Your Own
Neither of these are perfect, but here are two different firefox add-ons that can significantly reduce the chance of you falling victim to a compromised certificate authority:
Network Notary - sort of crowd-sourcing approach
Certificate Patrol - remembers the certs of sites you've visited in the past and tells you when they change -
Key continuity management
SSH is a perfect example. When you first connect via SSH, you confirm that you trust the certificate. Your client then remembers the certificate for future use. Why doesn't web technology do this?!?
This is called the "key continuity management" model, and web browsers support it as well. Firefox 1. warns that banks don't use self-signed certs, 2. presents the cert to the user so that the user can look at the fingerprint and compare it to a fingerprint exchanged out of band, and 3. allows the user to whitelist the fingerprint. The trouble with the is that if you're MITM'd the first time you visit the site, you're screwed. There is an alternative approach known as Perspectives that uses notaries distributed throughout the Internet to find MITMs, under the assumption that a single MITM will be able to compromise only a small number of paths through the Internet, but it doesn't really work for a MITM between the server and the backbone. In addition, I haven't seen the Perspectives add-on ported to Firefox 4, to IE, or to handheld browsers.
-
Re:This is nothing new
We can actually validate certificates relatively well using "notaries". This gives us in effect validation of identity. It's better than trusting CAs, and you don't have to buy certificates:
"Perspectives"