Domain: thawte.com
Stories and comments across the archive that link to thawte.com.
Comments · 121
-
Re:Problems with Encrypting Email
You can get free personal certificates from Thawte (who was recently acquired by Verisign). Just go to http://www.thawte.com/certs/personal/. It's quick and easy, especially with MS lookOut Express.
-
Re:Encryption is the key.
And if you don't want to pay for a cert, Thawte offers their personal certs for free, complete with a web-of-trust program.
-
Re:It's not totally free.
You're right, very few people are going to put a credit card into a site where MSIE warned them that quote "There is a problem with the site's security certificate". Netscape provides an identical warning. They would sooner punch in their number over a connection that doesn't have any SSL than punch it in after getting such a warning. And that is the funny part...
At thawte.com you can get 3rd level domain certs for $125 - they have excellent support too - even telling you how to get a cert out of an NT box and putting it into openssl.
-
My experience with mod_ssl
I don't have any experience with Apache-SSL, so perhaps someone else can help there...
I recently installed Apache/mod_ssl at work and tried to use it with our existing Verisign certificate. Verisign has some weird double certificate system that caused connection errors with some builds of IE5 under mod_ssl. The same certificates worked under Apache/Stronghold. The mod_ssl FAQ has lots of information on connection problems with IE, but I tried every single suggestion and couldn't get it to work. I eventually switched to a Thawte certificate. That worked like a charm.
So - does anyone know if the problems I encountered were mod_ssl/verisign specific, or does Apache-SSL have the same issues?
Cheers.
-
Re:Digital signatures are not really signatures.
The points you raise are identity verification issues. You know that a document was signed by 0x600A0342, but how do you know that 0x600A0342 is really Matthew Sachs? Today, this is addressed by Public Key Infrastructure (PKI.) The two main types of PKI being used are "central clearinghouse" and "web of trust."
"Central clearinghouse" PKI is what SSL uses. SSL certificates are signed by Certificate Authorities (CAs), such as VeriSign. CAs are trusted entities who verify an applicant's identity before issuing them a certificate. A certificate is the same as a public key except that it has more information about the owner - usually the x.509 Distinguished Name which consists of a "common name" (CN), "organizational unit" (OU), "organization" (O), "locality" (L), "state" (S), "country" (C), and sometimes email. For instance, Microsoft's DN is CN=www.microsoft.com/OU=mscom/O=Microsoft/L=Redmond/S=Washington/C=US. How do you know which CAs to trust? Web browsers typically have a built-in list. Anyone can act as a CA, but when someone views a website which is using one of that CA's certificates, the user's web browser should (and most do) display a warning. Go to Fortify's SSL test page and my HTTPS website. Fortify's certificate was issued by Thawte (who I believe is now owned by VeriSign), a widely-known CA whose certificate is in most/all browsers. My certificate is signed by the "Zevils CA", which doesn't really exist. Your browser should display a warning when accessing the zevils site but not when accessing the Fortify site.
The other popular method of PKI is known as the "web of trust." This is what PGP and GPG use. If you know someone in real life, you have proof of their identity (such as a driver's license), and you both have GPG/PGP keys, you should sign each other's public keys and upload the signed keys to the keyserver. Here's how the web of trust works (with help from the GNU Privacy Guard Handbook):
Alice knows Bob in real life. They both use GPG. Alice knows with absolute certainty that a certain key is Bob's key, and that Bob is who he says he is, so she signs Bob's key with her key. Alice and Bob discuss PKI every day at lunch and Alice knows that Bob has excellent judgement on when to sign a key, so she tells GPG that she trusts Bob's signature on a key as much as her own (she can also give Bob marginal trust or no trust - see GPG documentation for details.) Bob has signed Charlie's key. Thus, Alice trusts Charlie's key. The web of trust, at least in the GPG implementation, is quite flexible and does extend to a depth of more than one. See the GPG handbook for more information.
Of course, PKI is not a magical security fairy that sprinkles security dust on your keys while you're asleep at night. Bruce Schneier and Carl Ellison have written an excellent paper, Ten Risks of PKI (Computer Security Journal, v 16, n 1, 2000, pp. 1-7)
-
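The "central clearinghouse" half of the comment above describes two checks a browser makes: does the certificate's common name match the site, and does the issuer chain back to a CA in the browser's built-in list. The following is an added example, not code from the page or from any browser, that parses the slash-form Distinguished Names quoted in the comment and reproduces those two decisions. The certificates, the root list and the hostnames (`fortify.example`, `zevils.example`) are constructed stand-ins, not real X.509 data.

```python
# Added example: slash-form DN parsing plus a toy model of the browser's
# "is this certificate for this site, from a CA I know?" decision.
# All certificates and root entries below are constructed for illustration.
from typing import Dict, List, Set


def parse_dn(dn: str) -> Dict[str, str]:
    """Turn 'CN=www.example.com/OU=x/O=Example/C=US' into a dict of attributes."""
    attrs: Dict[str, str] = {}
    for part in dn.strip("/").split("/"):
        name, sep, value = part.partition("=")
        if not sep or not name:
            raise ValueError(f"malformed DN component: {part!r}")
        attrs[name.strip()] = value.strip()
    return attrs


def browser_warnings(hostname: str, chain: List[Dict[str, str]],
                     trusted_roots: Set[str]) -> List[str]:
    """Return the warnings a browser would raise for a site presenting `chain`
    (leaf certificate first; each cert is {'subject': DN, 'issuer': DN}).
    An empty list means no warning dialog."""
    warnings: List[str] = []
    leaf = chain[0]
    cn = parse_dn(leaf["subject"]).get("CN")
    if cn != hostname:
        warnings.append(f"certificate is for {cn!r}, not {hostname!r}")

    # Follow issuer links until we reach a CA that is in the built-in list.
    by_subject = {c["subject"]: c for c in chain}
    current = leaf
    seen: Set[str] = set()
    while True:
        issuer = current["issuer"]
        if issuer in trusted_roots:
            break  # anchored in the browser's root list: no warning
        # Self-signed, looping, or dangling issuer: nobody the browser knows vouched for it.
        if issuer == current["subject"] or issuer in seen or issuer not in by_subject:
            warnings.append(f"issuer {parse_dn(issuer).get('CN')!r} is not a trusted CA")
            break
        seen.add(issuer)
        current = by_subject[issuer]
    return warnings


# Constructed data modelled on the comment: one site signed by a widely known CA,
# one signed by a CA that exists only on the commenter's own machine.
ROOTS = {"CN=Thawte Server CA/O=Thawte Consulting/C=ZA"}  # stand-in for a browser's root list

FORTIFY_CHAIN = [{"subject": "CN=fortify.example/O=Fortify/C=AU",
                  "issuer": "CN=Thawte Server CA/O=Thawte Consulting/C=ZA"}]

ZEVILS_CHAIN = [{"subject": "CN=zevils.example/O=Zevils/C=US",
                 "issuer": "CN=Zevils CA/O=Zevils/C=US"},
                {"subject": "CN=Zevils CA/O=Zevils/C=US",  # self-signed private CA
                 "issuer": "CN=Zevils CA/O=Zevils/C=US"}]


if __name__ == "__main__":
    print(browser_warnings("fortify.example", FORTIFY_CHAIN, ROOTS))   # []
    print(browser_warnings("zevils.example", ZEVILS_CHAIN, ROOTS))     # untrusted CA
    print(browser_warnings("shop.zevils.example", ZEVILS_CHAIN, ROOTS))  # name mismatch too
```

The point the model makes explicit is that the two checks are independent: a certificate from a private CA can name the site perfectly and still warn, and a certificate from a trusted CA still warns if the CN names some other host.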
Re:WoooHoooo!
That's what I was wondering... whether this means its now OK to use mod_ssl/OpenSSL in the U.S.
And where can you get a server cert for $45 or $90? The cheapest I am aware of is $125 from Thawte Consulting, a division of Verisign.
I actually need to buy a cert in the next week or so. If I could save a few bucks it would make me a happy man. Browser compatibility is of great concern though.
-
Re:No, because of SSL
I was under the impression that certs are NOT tied to a specific IP address, but a domain or host name instead, according to this FAQ. But I don't know a lot about hosting and such, and considering the high moderation of this comment, kinkie must be correct and I'm confusing this with a different issue. Can someone explain the difference to me?
Quidquid latine dictum sit, altum viditur.
-
Setting up my website right now...
It was interesting seeing this on slashdot.
<shameless plug>
I'm in the process of setting up on-line ordering on my website right now. Most of the website is technical resources for building electronic projects using embedded processors. A recent addition, that we expect to need the on-line ordering for, is the open source MP3 player, which today is a primitive first generation design, but hopefully soon I'll have a nicely redesigned version.
</shameless plug>
Fortunately, my partner is an accountant, which has really helped. She set up a proper visa merchant account with our bank. It cost $100 up front. They take $0.65 per sale, plus approx 3%. There's a minimum $15 monthly charge, so hopefully we'll actually sell at least $500/month. The visa charges are entered using a touch-tone phone, so we didn't have to buy any equipment. They offer a terminal, for (I think) $450. With the terminal, we would get a per-sale charge of $0.07, and a little lower percentage of the sale, about 2.5% as I recall. They let you buy and add the terminal anytime you want.
It looks like there's a free software package called CCVS - Credit Card Verification System which allows your linux (or unix) box to emulate a terminal (requires a dedicated modem)... but there's a catch. It needs to be loaded with an encryption key. Redhat sells these keys for approx $1000. If anyone knows someone who can provide a key for CCVS for less, please contact me. Robin found a similar windoze based program, where they wanted a monthly charge and some percentage of the sale, on top of the percentage taken by the bank! Not cool, but I wouldn't run a windows server even if it was affordable.
Setting up the SSL stuff on the webserver is relatively easy, but you need a cert. VeriSign charges $350, so we went with Thawte, who only wanted $125 (even though they're now owned by Verisign). Again, Robin did most of the work there. I generated the CSR from the server software, and she faxed them copies of our LLC papers and other business stuff. About a week later we got the cert. The cert lasts for only one year, so it looks like we have to pay $125 every year. I hope they don't jack their price up to Verisign's level!
Robin ran a test charge onto her credit card a couple days ago, and it seems to be working very nicely. The merchant appears as "PJRC.COM, LLC", which I think is much cooler than "ibill...some number".
For the on-line shopping cart, I looked at a couple of them, but they didn't have that look and feel that I want for my website, so I've been rolling my own. It's turned out to be a bit more coding than I originally thought, but still not too bad, and I'm really happy with the results. When the order is confirmed, the code just sends Robin and me an email, and makes sure the data stored in our database really matches what they filled out on the form.
I'm putting the final finishing touches on the cgi scripts right now, and hopefully it'll be on-line later tonight!
-
Re:Another reason to use PGP
I wouldn't trust the keys from joe-blow just because they had the same name and addy attached. Somehow, someway, I need to verify that it's really their key, and if I couldn't find their key before, I could get it then.
Also, I would use both PGP and x.509. You can exchange mail signed with an x.509 cert to transfer/verify the public key. I have not found an easy way to do general encryption with x.509 certs the way I can with pgp. Besides, how many webmail places will verify an x.509 signed mail?
For the best of both worlds, have Thawte sign your PGP key. Most pgp registries mirror, and the clueless users are likely using the windows version which makes registering keys painfully simple.
-
PKI is what you're after...
Fundamentally, the problem you describe is this:
How do I trust a user is who they say they are?
If you can count on that, then you have any number of access/content control mechanisms. This is exactly what PKI (Public Key Infrastructure) addresses.
Fundamentally, you don't want to validate the machine, you're interested in the user. So forget network id, et al.
As others have pointed out, the obvious solution is Kerberos, from MIT. It was specifically designed to solve the problem you have. However, you have to build kerberos into your application, so it's not simple, and neither is the setup.
The second most popular solution are Personal Digital Certificates (NOT SSL Certificates). These are tied into Web Server authentication (for the most part), but can be used as a generic authentication mechanism. Depending on what you want, they can be relatively cheap and uncomplicated, or it can get pretty hairy. Look at Thawte for a decent example - also, check out the iPlanet Certificate Server for some relevant info. Honestly, this is probably the easiest way to do what you want, IF you can do a web-based service. It won't be free, but if you scrape around, you can probably get it in place for a modest amount.
You can also look at things such as TIS or SecureID: these are more hard-core, since they're hardware token-based authentication schemes, and generally require custom software (though SSH supports TIS/SecureKey).
As a last resort, you might investigate VPN solutions, since, while they're not PKI in a true sense, they can provide network validation. S/WAN for Linux is a good, free thing here, and you might look at an IPSec implementation, too.
Best of Luck.
-Erik
-
Thawte Web of Trust
Thawte has an interesting take on the whole security idea. They will issue you a personal certificate if you present yourself to a "trusted" person, either someone already in the web of trust or a bank office, attorney, etc... It's not unlike PGP but a little more fleshed out.
Details here.
With Thawte acquired by Verisign, I'm not sure if they are committed to this in the future, since their site now seems to be covered with ads for Verisign's personal certificates.
But, the idea is an interesting one. A distributed ranking system where you accumulate "trust points" seems like a system that would work well with the open source world. In a sense, this is much like eBay, where you gain or lose "trust" in the system with every sale or purchase. While some people have been able to abuse the system on eBay, in general they haven't had wide-spread fraud, which is really what you should be worried about. The nice thing about eBay is that it empowers the individual. *I* get to decide if I trust you or not based on my personal criteria.
It's obvious that the existing credit-card system isn't secure enough for the internet world, so I can understand the anime site requiring some form of extra identity. Some sort of "identity broker" or "infomediary", to use the trendy term, seems to be required to make this work. In some cases, maybe that is your bank or credit card company, but I think the long-term solution would need to be more distributed, otherwise it all gets bogged down in inter-company politics and positioning.
Perhaps in the future, you will need to establish a "trust rating", much like a credit rating, with one or several identity broker services before you can do business on the internet. Thawte's system is a good start, it would be nice to see something more open and endorsed by the business world.
-Twid
-
Re:Could be interesting.
This is true, unfortunately. Here in South Africa, we have such a lot to go in terms of barriers before we can ever reach the level of the western world - there are just too many priorities to which the money must go, and (alas) also so many corrupt pockets on the gravy train that need filling.
Free internet is something that will not happen (for a while, anyway). We have a monopoly in terms of telco providers (as in regulated by law!), and they also have the monopoly on supplying our international links. You can look at a standard latency of 600ms for crossing the Atlantic via satellite (or whatever awful copper cable there probably still lies on the seabed). Some recent upstarts have tried selling an advertising-based 'free' internet service, but it is so hopelessly flooded that you'd better not hope on getting decent bandwidth.
Above all, we're mostly all still on modems. ISDN is relatively new (not to mention expensive), and DSL has only been available in a few select places at ridiculous prices.
But, somehow, the ISP market is flourishing. You see all these fly-by-night episodes, and even mother ISPs are offering a 'virtual ISP' job, where you have no physical equipment. You just basically resell a bigger ISP's service.
In any case, it's not the government's priority now to supply people with free internet. South Africa recently passed the 1.6million internet users, and (memory serving) that comprises 90% of Africa's total usage. The thing is - it is just not an option now.
On the upside, many companies are jumping to constructively use the internet to their advantage. I was pleasantly surprised to find the local railway's time schedule online, albeit just in one huge table. So, I think given time, companies with a bit of genius will get to the forefront of development in this arena. Just think of Thawte!
-
Thawte
A single entity to control: more than 50% of all certificates. Actually, about 90% if their pending merger with forgot the name will not bite the dust. It is under investigation at the moment
The company is Thawte, and unless I'm mistaken, the combined company would control something more like 98% or 99% of the market. The scary thing is, I know some of the folks at various securities corporations down near Wall Street who are in favor of the merger, since having no choice means less hassle for them. I hate that mindset.
-
Re:Severe security risk!?
What keeps somebody from publicizing their public key as my public key, and thus being able to sign documents with their private key to pretend to be me?
Most public key implementations have some form of key-signing method, whereby a third party can sign your public key, thereby certifying that you are who you say you are.
The big problem with this is how you can trust the person who's signing. That's where the concept of well-known Certifying Authorities (such as Verisign) comes in: they validate your identity, then sign your public key.
This is a pretty common occurrence in the RSA world (such as web server ssl certificates etc.) and these days Thawte also has something in place like this for PGP keys.
-
Browser upgrade? Just install new root cert
What they fail to realize is that some people may have legitimate reasons to not upgrade their browser. If you have older hardware and not too much memory, the recent versions of Netscape and Internet Explorer run unacceptably slow.
Instead, you could also just install the new root certificates from Verisign and Thawte, and continue using the old browser.
-
I'm disappointed in Thawte
Indeed. Thawte's been the most friendly 'major company' I've seen yet.
- The Web of Trust: instead of Verisign personal certificates, only costing money and making no assumptions about identity, unlike Thawte, which issues such certificates for free, following a Web of Trust scheme - never just to make money
- Very friendly to the open source people, supports PGP and open source web servers, even back then when Verisign refused to know any non-commercial SSL implementation for Apache
- They offer free IRC-based technical support
- They link and suggest Fortify on their site
- They have the best privacy policy I've ever seen - read it - you'll like it!
-
Re:This is terrible!
Agreed :(
Please read Thawte's President's essay.
Especially comments on VeriSign:
A loss of $21 million, on revenues of $9 million, of which $3 million in revenues came from a book transaction with a parent company. Damn. Wow. Sheesh.
or
Will we list Thawte? Unlikely. I don't think investors would understand and be prepared to pay a premium for a small company that is profitable but not over hyped. And I like my autonomy too much! Besides, we plan to diversify and push the "Thawte" brand independently of certificates, so it will be nice to have a wholly owned cash generator over time. But that's a different story, and actions speak louder than words!
It might relate only to IPO, but...
-
Bad news
Consider the following:
- As this chart on the Thawte site makes clear, these two companies combined own almost 100% of the market.
- The barriers to entry in this market are huge: A new certificate authority would not be recognized by the current installed base of browsers.
- Having two competing firms in this market clearly benefitted consumers. A server certificate from VeriSign costs $349; Thawte's costs $125.
This is bad news for consumers.
-
Re:PGP != PKI
I take it that you don't understand the web of trust model. The idea that PGP implements is to allow anyone to trust anyone else, regardless of their 'status' -- that is, there are no certificate authorities. However, because I can trust your signed keys, I can inherently trust a key that has your signature attached. In fact, I could trust someone's key because it was signed by someone whose key was signed by someone whose key was signed by you (who I trust). This kind of 'friend trusts friend trusts friend' model is very useful if a large number of people are using the system. Within a closed system such as a company, keys get signed quickly because of close proximity to each other. Each of these people may know and trust a few other people on the Internet (say, 3). If there are 50 people at a company using PGP who have all signed each others' keys and trust those people to sign others' keys responsibly (two different trust settings), then there is an automatic infrastructure of 150 people trusting each other through the company people (not including the latter group).
With high percentages of PGP/GPG usage, there is a good web of trust established and a public key infrastructure in the hierarchical sense is not needed. However, a trusted "root" authority can establish themselves (Thawte is one such authority) and sign PGP keys, allowing everyone to trust their key, and implicitly trust others' keys.
Both models are usable under a web of trust model; don't discount PGP so easily.
- Michael T. Babcock
-
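Two comments on this page walk through the web of trust in words: the Alice/Bob/Charlie lunch example in the "Digital signatures are not really signatures" reply, and the "friend trusts friend trusts friend" chain with its two separate trust settings in the comment above. The following is an added example, not code from the page or from GnuPG, that models both. It keeps the two settings apart (a signature says "this key belongs to that person"; owner trust says "I rely on this person's judgement when they sign others") and uses GnuPG's documented defaults as assumptions: one fully trusted signature or three marginally trusted ones validate a key, and chains are cut at a maximum depth. The class, names and scenarios are constructed for illustration.

```python
# Added example: a small model of the PGP/GPG web of trust. Thresholds follow
# GnuPG's defaults (assumed here, not read from any real keyring); the scenarios
# are constructed from the comments on this page.
from enum import Enum
from typing import Dict, Set


class Trust(Enum):
    """How far the key owner's *judgement* in signing other keys is trusted."""
    NONE = 0
    MARGINAL = 1
    FULL = 2


class WebOfTrust:
    def __init__(self, me: str, completes_needed: int = 1,
                 marginals_needed: int = 3, max_depth: int = 5) -> None:
        self.me = me
        self.completes_needed = completes_needed
        self.marginals_needed = marginals_needed
        self.max_depth = max_depth
        self.signers: Dict[str, Set[str]] = {}               # key -> keys that signed it
        self.owner_trust: Dict[str, Trust] = {me: Trust.FULL}  # my own key: ultimate trust

    def sign(self, signer: str, key: str) -> None:
        """Record that `signer` certified that `key` belongs to its claimed owner."""
        self.signers.setdefault(key, set()).add(signer)

    def set_owner_trust(self, key: str, trust: Trust) -> None:
        """The second, independent setting: do I rely on this person's signatures?"""
        self.owner_trust[key] = trust

    def valid_keys(self) -> Set[str]:
        """Keys whose ownership counts as verified. Computed in rounds: a key
        becomes valid once enough *already valid* keys whose owners I trust have
        signed it. Each round is one more hop of 'friend trusts friend'."""
        valid: Set[str] = {self.me}
        for _ in range(self.max_depth):
            newly_valid: Set[str] = set()
            for key, sigs in self.signers.items():
                if key in valid:
                    continue
                full = sum(1 for s in sigs
                           if s in valid and self.owner_trust.get(s) is Trust.FULL)
                marginal = sum(1 for s in sigs
                               if s in valid and self.owner_trust.get(s) is Trust.MARGINAL)
                if full >= self.completes_needed or marginal >= self.marginals_needed:
                    newly_valid.add(key)
            if not newly_valid:
                break
            valid |= newly_valid
        return valid


def lunch_scenario() -> Set[str]:
    """The Alice/Bob/Charlie case from the comments (constructed data)."""
    wot = WebOfTrust("alice")
    wot.sign("alice", "bob")                 # Alice checked Bob's key in person
    wot.set_owner_trust("bob", Trust.FULL)  # ...and trusts Bob's judgement as her own
    wot.sign("bob", "charlie")               # Bob signed Charlie's key -> Charlie valid
    wot.sign("charlie", "dave")              # Charlie signed Dave's, but Alice never rated Charlie
    return wot.valid_keys()


def marginal_scenario() -> Set[str]:
    """Three marginally trusted signers validate a key; two do not."""
    wot = WebOfTrust("alice")
    for friend in ("bob", "carol", "dan"):
        wot.sign("alice", friend)
        wot.set_owner_trust(friend, Trust.MARGINAL)
    for friend in ("bob", "carol", "dan"):
        wot.sign(friend, "erin")             # three marginal signatures
    wot.sign("bob", "frank")                 # only two marginal signatures
    wot.sign("carol", "frank")
    return wot.valid_keys()


if __name__ == "__main__":
    print(sorted(lunch_scenario()))     # ['alice', 'bob', 'charlie']
    print(sorted(marginal_scenario()))  # ['alice', 'bob', 'carol', 'dan', 'erin']
```

Dave's key stays invalid even though Charlie's is valid: Alice verified Charlie's identity (through Bob) but never said she relies on Charlie's signing habits, which is exactly the distinction between a signature and owner trust that the comment above calls "two different trust settings".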
Re:Certificates / Keys **ARE** free!
The same way you don't have to "buy" your signature, you shouldn't need to pay for a certifying agency to have your digital identity.
Then go to www.thawte.com and get a free certificate. They will verify your email address and give you a certificate for that address (it won't contain your name, because they can't verify that easily). They can also sign your PGP key, after verifying that you own it.