Firefox SSL-Certificate Debate Rages On

← Back to Stories (view on slashdot.org)

Firefox SSL-Certificate Debate Rages On

Posted by kdawson on Friday August 22, 2008 @12:27AM from the four-screens-i-mean-really dept.

BobB-nw points out the ever more raucous debate over the way Firefox 3 handles self-signed certificates. The scary browser warnings have affected a number of legitimate sites (such as Google AdWords and LinkedIn) that didn't renew certs in time. Lauren Weinstein loudly called attention to the problem early in July. "If you visit a website with either an expired or a self-signed SSL certificate, Firefox 3 will not show that page at all. Instead it will display an error message... To get past this error page, users have to go through four different steps before they can access the website, which from a usability standpoint is far from ideal. This way of handling websites with expired or self-signed SSL certificates is bound to scare away a lot of inexperienced users, no matter how legitimate the website is."

113 of 733 comments (clear)

Worth it. by Shaitan+Apistos · 2008-08-22 00:28 · Score: 5, Funny

As long as I get my awesome bar, I'll put up with anything.
1. Re:Worth it. by Bashae · 2008-08-22 00:32 · Score: 5, Insightful
  
  Well, I can live with it, but they could at least patch this feature to make it less annoying with self-signed certificates. Show a warning, yes, but right now the error message is too creepy.
2. Re:Worth it. by gbjbaanb · 2008-08-22 00:35 · Score: 4, Insightful
  
  amen. The error message seems to be designed for people who know about these things, not mom and pop users.
  They could improve the message significantly, explaining what the problem is and what to do about it. Then I think the issue wouldn't be so big anymore. People would still complain about the number of clicks to accept a self-signed cert, but at least it would appear as legitimate information instead of an 'error'.
3. Re:Worth it. by mulvane · 2008-08-22 00:36 · Score: 5, Insightful
  
  Let's not expect site maintainers to actually keep their ssl certs up to date. Oh noes. We want customers to not trust ssl certs so they may fall victim to a scam.
4. Re:Worth it. by Cormacus · 2008-08-22 00:39 · Score: 5, Insightful
  
  I have to agree. Few things should be more important to a site administrator that handles personal information for their clients than getting their SSL certs updated in time.
  
  Browsers that allow this kind of lax security atmosphere are part of the problem.
  
  --
  Mon chien, il n'a pas du nez. Comment scent-il? TrÃs mauvais!
5. Re:Worth it. by bunratty · 2008-08-22 00:40 · Score: 5, Insightful
  
  It's supposed to be creepy, because it may be the only warning you're the victim of a DNS poisoning and you're not at the site you think you are, or you're the victim of a man-in-the-middle attack and your "encrypted" communications are being intercepted and read. At least in Firefox 3 you need to add an exception to see the site, so you see the warning only once. In Internet Explorer 7, you can see the site by clicking a link, but you will see the scary warning every time you visit the site. Users will disregard the warning if they see it very often, making the warning ineffective.
  
  --
  What a fool believes, he sees, no wise man has the power to reason away.
6. Re:Worth it. by phoenix321 · 2008-08-22 00:54 · Score: 5, Insightful
  
  Better yet: expect the non-technical crowd, the users, to put up with errors of the pro-technical crowd, the site maintainers.
  Excellent shift of responsibility towards, right?
  I think this is an issue of whiny webmasters, really. A proper certificate is around 10 bucks per year and although they issue it to anyone, it is security at a much higher level than using a self-signed crutch.
  If you're a website owner, put up those 10 dollars and stop complaining. Keep your house clean and your certificates valid.
  EVERYTHING you do by that is better than to accustom millions of non-technical users to click away any and all error messages when surfing. If all browsers would show these drastic certificiate errors AND all SSL-loving webmasters would keep their certs updated, we would have less issues in phising and scamming, much less.
  Either you have security or you don't. Encrypting to someone is useless or even dangerous when you mistake the identity of the receiver.
7. Re:Worth it. by erikina · 2008-08-22 00:58 · Score: 2, Interesting
  
  That's really not the point. The point is, what's worse: Using NOTHING or using an expired/self-signed cert? Yes, self-signed certs introduces undetectable MiTM attacks, but they still stop listening (without actively changing every every packet being in the middle encrypted and decrypting from both sides).
  
  In fact, all browsers really bitch about self-signed certs, which is why none of my websites use https - when it would clearly be more secure.
  
  The only reason you would do that, is because people attach trust to https:/// so I propose that all secure sites (valid certs) make the whole fricken browser light up yellow with a big ass padlock to show it's secure. Self-signed, and expired certs will just get https:/// invalid certs will get a warning. And plaintext will get http:///
  
  Everyone's happy, and people will feel secure going to their bank site with a *big* padlock (that should be noticable if absent).
8. Re:Worth it. by Anonymous Coward · 2008-08-22 00:58 · Score: 5, Insightful
  
  amen. The error message seems to be designed for people who know about these things, not mom and pop users.
  I don't follow this sentence. That seems to describe *precisely* the old way of doing things, an easily dismissable box that only experts took note of and understood. The new method is *supposed* to bother users and get them to pay attention to the actual risk, while offering them a way to still accept it.
  Whether or not you think being bothersome to users is a legitimate technique can and should be open to debate, but I don't think it targets experts at all...
9. Re:Worth it. by HungryHobo · 2008-08-22 01:03 · Score: 5, Insightful
  
  They could do with a red-yellow-green warning system.
  Red- sites with self signed certs which have changed since the last time you have visited them(keeping a record of all certs accepted to this point would be a good idea to help with this)
  Yellow- Self signed cert. Warning first time you go to the site with accept/reject.
  Green- Signed and verified by trusted 3rd party.
  Sites which have a signed and verified cert and which have marked themselves as "should always be HTTPS" but which you are visiting with HTTP -should be red as well.
  This way if some phisher sent you a link to http:\\paypal.com and paypal had registered with the trusted 3rd party that their site should always be using HTTPS then you get a red warning. Yes I know this would mean traffic to the trusted 3rd party whenever you visit any http site.
10. Re:Worth it. by HungryHobo · 2008-08-22 01:06 · Score: 3, Insightful
  
  yes but it shouldn't treat a self signed cert worse than no cert unless it has changed since your last visit and if this is your first visit then it shouldn't be more creepy than simple http(no warning at all so your average mom and pop won't even think they're being scammed).
11. Re:Worth it. by elrous0 · 2008-08-22 01:14 · Score: 3, Interesting
  
  And some of us WANT to be warned when we're dealing with a cheap-ass website whose people don't have their shit together. To me, a website who has let their certificate expire or is too cheap to spend $10 a year to get a real certificate is not a website that I want to be doing business with in the first place.
  
  --
  SJW: Someone who has run out of real oppression, and has to fake it.
12. Re:Worth it. by bunratty · 2008-08-22 01:15 · Score: 4, Informative
  
  If the site uses a self-signed cert and hasn't changed since your last visit, you get no warning in Firefox 3.
  If you visit a site for the first time and you get a self-signed certificate, that could be the only warning that you're the victim of a man-in-the-middle attack or DNS poisoning attack. You need a warning in that case. Please read the article I link to; it explains this point clearly.
  
  --
  What a fool believes, he sees, no wise man has the power to reason away.
13. Re:Worth it. by exi1ed0ne · 2008-08-22 01:20 · Score: 5, Insightful
  
  A proper certificate is around 10 bucks per year and although they issue it to anyone, it is security at a much higher level than using a self-signed crutch.
  
  Currently the only difference between a self signed cert and a $10 one is that the latter leaves you $10 poorer. There is no practical difference between the two. As a matter of fact, the current methodology of including certain CAs in browsers provides a false sense of security - which decreases the value of the system as a whole.
  
  --
  Pessimists.net - as if life wasn't depressing enough.
14. Re:Worth it. by erikina · 2008-08-22 01:20 · Score: 3, Insightful
  
  Good idea. But the browser should automatically accept self signed certs. After all, it'll automatically accept insecure (http) connections.
  
  Just give them both yellow. And make know they need a green before doing anything really sensitive.
15. Re:Worth it. by Zeinfeld · 2008-08-22 01:23 · Score: 5, Insightful
  
  It's supposed to be creepy, because it may be the only warning you're the victim of a DNS poisoning and you're not at the site you think you are, or you're the victim of a man-in-the-middle attack and your "encrypted" communications are being intercepted and read.
  This whole debate is rather off the point. Making changes to a security protocol in response to the last Slashdot thread is not exactly the best idea. There are more issues than just whether people can save a buck and get encryption. As you point out the point of the certificate is authentication, not encryption.
  Back in 1995 the Netscape folk decided to write the protocol in such a way that you had to have authentication of the server public key to do encryption. As it happens I argued against that choice at the time, and again when the self-signed certs issue came up again a few years ago I have consistently argued that the browser should allow ANY connection to be encrypted with ANY key, just don't bother to worry the user about it unless the cert is trustworthy according to the user spec.
  There are in fact changes in the works here. I am part of a W3C working group where we have discussed this exact issue. I have consistently argued for eliminating all security pop-up warnings of all types - they are designed to dump responsibility for security onto the user rather than be actually useful. I have also argued to make use of self-signed certificates easier as we should be moving to a position where security is the default on the Web.
  Yes I do work for a CA, no I am not speaking for them on this particular occasion, but we have consistently argued to make use of unpaid cryptography as easy as possible because anything that expands the use of cryptography is going to eventually expand the demand for authenticated keys. I really don't think that we will have large numbers of people stop paying the price of a Thawte or GeoTrust cert and switch to a self-signed. More businesses will go the other way.
  Its the same argument on code signing: all code should be signed, even development compiles. But only final production code should be signed with a trustworthy key - or the key is not going to be trustworthy very long. And only some final code will be signed by CA accredited keys. But that is fine if the O/S allows you to make statements of the sort 'drivers have to be signed by a trusted root, programs signed off a Web o' Trust key can run but only with restricted privs'.
  
  --
  Looking for an Information Security student project suggestion?
  Try http://dotcrimeManifesto.com/
16. Re:Worth it. by MadnessASAP · 2008-08-22 01:28 · Score: 5, Insightful
  
  I agree totally, the problem isn't the scary browser notices. It's websites and their poor security practices perhaps now that those practices are having a noticeable impact on their business these websites will change said practices and it wont be a problem anymore.
  
  --
  I may agree with what you say, but I will defend to the death your right to face the consequences of saying it.
17. Re:Worth it. by Anonymous Coward · 2008-08-22 01:31 · Score: 2, Insightful
  
  i guess color-blind people will be pretty screwed then
18. Re:Worth it. by dr.ka0s · 2008-08-22 01:32 · Score: 2, Insightful
  
  Damn straight! Instead of picking of FF for doing an effective job of exposing risk, we should be picking on those who run "legitimate" sites that haven't seen the need to stay on top of certificate updates. The whole point here is to make VERY clear to the user that FF is unable to determine the legitimacy of a "supposedly secure" site because the site owners haven't kept up their end of the bargain!
19. Re:Worth it. by blowdart · 2008-08-22 01:35 · Score: 3, Insightful
  
  Oh goodness no; think of the phishing problems. If you automatically accept without warning then phishing sites will look more legitimate. You may argue that the yellow will help but users don't pay attention to things like that; as long as it indicates there's some protection they'll accept that.
20. Re:Worth it. by the_B0fh · 2008-08-22 01:44 · Score: 2, Funny
  
  http:\\????
  So that you can always spot a windows user, I guess.
21. Re:Worth it. by Anonymous+Conrad · 2008-08-22 01:44 · Score: 4, Insightful
  
  Good idea. But the browser should automatically accept self signed certs. After all, it'll automatically accept insecure (http) connections.
  No! You switch to https to get a secure connection to who you're intending to talk to. A self-signed certificate doesn't tell you anything about who you're talking to. If you don't want security, stay on http.
22. Re:Worth it. by illumin8 · 2008-08-22 01:46 · Score: 3, Insightful
  
  As it happens I argued against that choice at the time, and again when the self-signed certs issue came up again a few years ago I have consistently argued that the browser should allow ANY connection to be encrypted with ANY key, just don't bother to worry the user about it unless the cert is trustworthy according to the user spec.
  
  Don't you see a small problem with that? Don't let the user know that the free wifi access point they're using internet from is doing a man in the middle attack when they login to their bank account with what they think is SSL? Because, after all, encryption is better than no encryption.
  Encryption is not always a good thing, especially if there is no trust. You work at a CA, you should know that. Encryption without trust gives you the false impression that your data is safe. When really, all it takes is a trivial Linux box serving as a transparent proxy at the local free wifi hotspot to capture hundreds or thousands of banking passwords. After all, you get a certificate (even though it's invalid), so you should be able to just not let the user know about it and trust it anyway, right?
  
  --
  "When the president does it, that means it's not illegal." - Richard M. Nixon
23. Re:Worth it. by jeroen94704 · 2008-08-22 01:49 · Score: 5, Insightful
  
  The problem is that mom and pop users are not the ones who should solve this issue, cannot be educated about cryptography in a warning message AND are the most likely victims of phishing attacks and such. The people who complain about the number of steps to set up an exception are also the people who can make an informed judgment about the trustworthiness of a site to begin with. We should NOT be putting mom and pop at risk for the convenience of the knowledgeable minority of users. The sites mom and pop are most likely to visit will have their certificates in order anyway (or should have, at least). Not being able to access some legitimate sites that insist on using self-signed certificates is a small price to pay.
  
  --
  He who laughs last, thinks slowest.
24. Re:Worth it. by Dishevel · 2008-08-22 01:50 · Score: 2, Funny
  
  Ehh. The color blind coding coalition will release a Firefox plug in within a week that will solve the issues for the color "Challenged". :)
  
  --
  Why is it so hard to only have politicians for a few years, then have them go away?
25. Re:Worth it. by beckerist · 2008-08-22 02:02 · Score: 5, Insightful
  
  I agree. The problem is though that the people that are complaining probably:
  A) Don't even know what it is and
  B) Don't even bother reading it once they figure out which order of buttons to push.
  
  Even though the concept SHOULD be easy enough for anyone who can figure out how to browse the internet, the issue isn't comprehension but presentation. It's immediately demoted to "annoying pop up" as opposed to "informative box I should read" in the style it's in now.
26. Re:Worth it. by Matthieu+Araman · 2008-08-22 02:05 · Score: 5, Insightful
  
  No, if the site uses SSL and the certificate is invalid, it may be a "Man in the middle attack".
  You can't just treat this like a http connection and not warn the user.
  There are many sites which should use real encrypted connections (ie with a signed certificate + SSL). I'm not fond of sending sensitive info in the clear (that's about the same thing with a self-signed certificate...)
  StartCom/StartSSL certificate are free and works with Firefox (and other CA are mostly cheap) so price is no longer an excuse...
27. Re:Worth it. by croddy · 2008-08-22 02:12 · Score: 4, Insightful
  
  No, I use SSL to obscure my messages from people in between me and the server. If I want to verify the party to whom I'm speaking, I'll go over there myself with a 6-pack.
  The funny thing about that 6-pack is that it costs more than the "real" SSL certificate, and I actually have to show ID sometimes to get it.
28. Re:Worth it. by huge · 2008-08-22 02:14 · Score: 3, Insightful
  
  Hell no!
  The difference is that when user is using HTTP there is no expectation of security while using SSL one assumes that connection is encrypted and authenticated.
  
  --
  -- Reality checks don't bounce.
29. Re:Worth it. by scorp1us · 2008-08-22 02:17 · Score: 2, Insightful
  
  Mod parent down, it is the opposite of insightful.
  In a perfect world, the parent is right, some cert > no cert.
  However, given the recent disclosure of the DNS vulnerability, and that the fix does not fix anything. Certs are fundamentally used to establish identity, not provide encryption. You can *NEVER* establish identity with a self-signed cert. Even with a cert from an authority the idea of "trust" is not binary. Gaining trust is subjective, and when you trust an authority, you implicitly effectively incorporate and endorse their verification methods them as your own.
  The only thing you can establish with a self-signed cert that is that the cert has not changed. For this to be secure, you need the first time you see the cert for it to be accurate. But there is a flip side. If an attacker get his cert to you first, and the attack ends, and the real cert is restored, then you don't know if the attack just ended or started. You have 0 additional information.
  Your mom and pops need to get authority-signed certs.
  
  --
  Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
30. Re:Worth it. by calmofthestorm · 2008-08-22 02:25 · Score: 3, Insightful
  
  Um...there are plenty of legitimate sites that don't have signed certs by some arbitrary company. Mozilla is welcome to add our root CA to their trusted list whenever they want.
  
  --
  93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
31. Re:Worth it. by LordLucless · 2008-08-22 02:35 · Score: 3, Insightful
  
  If you visit a site that doesn't use SSL, you'll never get any warning that you may be the victim of a man-in-the-middle or DNS poisoning attack.
  
  What you say is true. It doesn't make the parent's post any less true though. SSL > Self-Signed > HTTP.
  
  --
  Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
32. Re:Worth it. by Sloppy · 2008-08-22 02:39 · Score: 3, Insightful
  
  as long as it indicates there's some protection they'll accept that.
  So don't "indicate there's some protection." Just have it work at least as well as unencrypted connections, since it is at least as safe. If someone gets phished this way, then they're also getting phished every day on unencrypted connections.
  
  --
  As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
33. Re:Worth it. by Hyppy · 2008-08-22 02:46 · Score: 2, Insightful
  
  If an e-business can't even put forth that effort, than they don't deserve my business.
  
  Heck, if it's only 14 dollars and an email away, the only reason any website uses self-signed certs is philosophical at best.
34. Re:Worth it. by exi1ed0ne · 2008-08-22 02:47 · Score: 2, Insightful
  
  Bah, that's only true if you believe Verisign, et al, don't actually perform proper diligence to validate that the owner of the certificate is who they say they are.
  
  Last time I bought a cert, the only diligence performed was to make sure they could charge my credit card. That is hardly inspiring verification that I'm actually who I say I am.
  
  --
  Pessimists.net - as if life wasn't depressing enough.
35. Re:Worth it. by Sloppy · 2008-08-22 02:48 · Score: 2, Funny
  
  If only there were some way that a computer could communication information to a user in monochrome.. I don't know, using words or icons or something. But the chances of anyone inventing that are slim, and whoever does it, will then have it patented for the next 20 years. Bummer. :(
  
  --
  As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
36. Re:Worth it. by initdeep · 2008-08-22 03:09 · Score: 4, Insightful
  
  Do you feel the same way about UAC in Vista?
  It serves the EXACT same purpose.
37. Re:Worth it. by huge · 2008-08-22 03:29 · Score: 3, Insightful
  
  Most users probably don't choose to use SSL. Usually it's the server that decides it by redirecting or posting to a secure page (bad idea, anyway!) If the user types in, "mybank.com" into their address bar, the default is to try http on port 80 first. A man in the middle can intercept this, and then it's game over, anyway.
  If you rely on the end-user for security, you might as well give up.
  If I submit a form over HTTPS I expect the connection to be authenticated and encrypted. If somebody manages to stage a MitM attack on me, it'll be detected immediately as I'm using SSL. But what you are saying is that browser should just accept the invalid certificate and submit the data anyway. It could be that the attacker couldn't compromise the form I was filling in as it came from different server or from local disk.
  Dude, you have to be on crack.
  Even if uninformed public would somehow benefit (which I highly doubt) from this 'solution' of yours, it would still hurt those that actually know what they are doing. It would also make sure that those few users that actually choose to use SSL couldn't use it for purposes it was intended.
  
  --
  -- Reality checks don't bounce.
38. Re:Worth it. by Sancho · 2008-08-22 03:42 · Score: 3, Insightful
  
  You're not the average user. Most people on Slashdot aren't the average user.
  
  But what you are saying is that browser should just accept the invalid certificate and submit the data anyway.
  I didn't say that anywhere. Please do not put words in my mouth.
  What I am saying is that a lot of users don't have an expectation of privacy. They only notice problems. When there aren't warning dialogs popping up, they don't think about security. I'm saying that the entire paradigm is flawed because of this. Instead of SSL being the exception, it should be the rule, and deviation from the rule should be pointed out to the user every single time.
  But even then, it probably wouldn't be enough. People have to have their crazy cursors and their dancing baby desktops.
  You seem to have written your entire post with the assumption that I was agreeing or disagreeing with any of the posts directly above me. Not everyone automatically shares or rejects the opinions of the posts to which they reply. I simply thought it might spawn interesting discussion to point out that users may fall for MITM if they never even see a lock up in the corner of their browser window.
  Want some evidence? People fall for phishing. I work for an ISP which has monitored phishing in the past, and quite simply, people will reply to the e-mails with their passwords and visit the webpages entering in their credentials. Every major phishing event has included people doing this. What makes you think that these same people will suddenly be security-aware when someone is intercepting their connections to mybank.com over port 80?
  Take a major banking website:
  http://www.citibank.com/us/index.htm
  (I found this page by simply typing citibank.com into my browser.)
  What happens when you go to that site? You go there, you click on "log me in" or whatever, and then it switches to SSL. Think the user is going to notice if it doesn't switch to SSL? Probably not. So one could MITM this site pretty easily and harvest logins. SSL never even comes into play. All of the "self-signed certs are no worse" or "ca-signed certs are way better" arguments don't even matter, now.
39. Re:Worth it. by raynet · 2008-08-22 03:54 · Score: 2, Interesting
  
  Sure, I agree. But I am not the average Internet user so I can check if a SSL cert has been signed by a trusthworty CA or not.
  Perhaps we need browsers to display five star rating icon next to the padlock to indicate how trustworthy the CA is.
  
  --
  - Raynet --> .
40. Re:Worth it. by theCoder · 2008-08-22 04:30 · Score: 2, Insightful
  
  The self-signed certificate LOOKS *EXACTLY* the same as a MAN IN THE MIDDLE ATTACK.
  Only if there is a MITM attack the first time you connect to the site. And every other time you connect to the site. I admit, there is a potential danger. But the same danger exists for SSH. The first time you connect to your ssh server, you download the server's key. Maybe you verify it, but now it's in the ssh client's cache of keys. The next time you connect to the server, the client compares the key to the cached version. If they're different, it lets you know something weird is going on. Otherwise, it connects without issue because the only way there could be a MITM attack the second (and third, and so on) time you connect is if there was always been a MITM attack going on.
  As others have pointed out, the security of connections goes like:
  CA signed cert > self signed cert > no cert
  However, FF3 makes the self signed cert a bigger PITA to deal with than no cert. There are lots of ways Firefox could make it clear that the self signed cert is not completely safe without subjecting users to confusing warning screens.
  
  --
  "Save the whales, feed the hungry, free the mallocs" -- author unknown
41. Re:Worth it. by onefriedrice · 2008-08-22 04:59 · Score: 5, Insightful
  
  All of this new talk about self-signed certificates is clouding over the real, critical issue which has been around for longer than FF3. It would make more sense for the browser to treat a self-signed certificate like a CA-signed certificate rather than a regular http connection because (and here's the point) authentication in the browser is a myth. Let me walk you through this.
  
  Authentication doesn't exist on the internet because getting a genuine CA-signed certificate from a CA with a root that is already in your browser is hardly any more difficult or expensive than making a self-signed certificate. The tragedy is that the lock icon makes people feel safe when in reality, the authentication of the transaction relies entirely on supposed background checks which may or may not have been done by some CA that you won't know about unless you examine the certificate.
  
  Does anyone else see the problem with this!?
  
  A better idea is for the browser to raise the big warning flags for changed certificates (CA-signed or otherwise) so users can check manually whether it is a man-in-the-middle attempt or an official updated certificate from the site, and treat all https transactions as encrypted and better than a transaction with no encryption (regular http).
  
  A better long-term fix for this problem is to create a system (or use the system we have) to actually ensure authentication on the internet. For this to happen, we need browsers to stop including CA roots from CAs which happily sign certificates with zero or insufficient background checks. Of course this isn't bulletproof, but it would go a long way to providing real authentication on the internet.
  
  In the meantime, people need to stop thinking CA-signed certificates are very much safer than self-signed certificates. A CA-signed certificate from a specific CA that is known to provide good background checks is useful for authentication, but a CA-signed certificate from some random hole-in-the-wall CA that has a root in your browser provides no more authentication than a self-signed certificate does. At least its a step in the right direction for FF3 to show some information about the certificate from the URL bar rather than making users examine the certificate so that we can make our own determination of whether we trust the site based on if we trust the CA or not. Anyway, it's really the changed certificate that you need to worry about, regardless of who signed it, and encryption is also better than no encryption since at least the sniffers won't also get your info.
  
  --
  This author takes full ownership and responsibility for the unpopular opinions outlined above.
42. Re:Worth it. by profplump · 2008-08-22 11:48 · Score: 2, Insightful
  
  It's not safer from MitM. But it's a lot safer from passive sniffing. I don't care what the /. trolls tell you -- MitM is quite a bit harder to pull off than passive sniffing.
That's the point. by WPIDalamar · 2008-08-22 00:32 · Score: 5, Insightful

Isn't scaring away inexperienced users from sites with questionable security the whole point of those warnings?
I mean a user friendly message that lets someone get past it really easily wouldn't exactly get the job done.
1. Re:That's the point. by Cormacus · 2008-08-22 00:41 · Score: 5, Insightful
  
  If we need to change the way SSL certificates are issued and who has control over it (etc) . . . that is one issue.
  
  Encouraging web browsers to ignore security irregularities and allow users to access sites that handle private information *without* bringing it to the user's attention is just irresponsible.
  
  --
  Mon chien, il n'a pas du nez. Comment scent-il? TrÃs mauvais!
2. Re:That's the point. by Anonymous Coward · 2008-08-22 00:42 · Score: 5, Funny
  
  Didn't scare me away. I just bought a laptop from neweggs.com for a fantastic price, and their cert was expired. They even added a second layer of security for credit card transactions, requesting my SSN and driver's license. I can appreciate that level of trust from a website.
3. Re:That's the point. by Anonymous Coward · 2008-08-22 00:46 · Score: 4, Interesting
  
  Because not all of these sites are questionable...
  All it does is force these sites to buy certificates from the existing ssl certificate cartel.
  Your site isn't questionable, but the business or sysadmin behind it IS. I'm sorry, but when you find you want/need to run SSL encryption, an SSL cert is around $150/year. Not exactly extortion when you consider all the other expenses to run a website (hardware, OS licenses, bandwith).
4. Re:That's the point. by Goaway · 2008-08-22 00:55 · Score: 3, Insightful
  
  b) Most experienced users are very happy with self-signed certificates - they are mainly trying to avoid middleman secutiry issues (ISP, employer and other big brother types).
  Uh, self-signed certificates are WIDE OPEN to MITM attacks. That's kind of the point here? Maybe you're not as experienced as you think?
5. Re:That's the point. by swilver · 2008-08-22 00:58 · Score: 2, Insightful
  
  Arguably, sites that use SSL are more secure than regular HTTP sites. Why then are no big red warnings displayed for every regular HTTP site visited?
6. Re:That's the point. by phoenix321 · 2008-08-22 00:58 · Score: 2, Insightful
  
  How do you know it is YOUR wireless broadband router admin site, then? It could be anyone who just managed to re-route your connection.
  Why should you use encryption (securing transit lines) when you don't need authentication (securing transit endpoints)? When you're not sure if the endpoint you're talking to is the one you want, you could as well transmit everything in cleartext, because your receiving endpoint might as well be the eavesdropper himself.
7. Re:That's the point. by Shikaku · 2008-08-22 01:07 · Score: 4, Informative
  
  http://www.startssl.com/ Except you can get it for free.
8. Re:That's the point. by swilver · 2008-08-22 01:10 · Score: 5, Informative
  
  No, they are not. I'm afraid you are not as experienced as you think.
  You see, self-signed certificates are only wide open to MITM attacks if the person monitoring you was replacing all certificates pro-actively before you even visited the website once. If you however have visited the site before, Firefox will warn you that the certicate has changed when a MITM changes it. At this point Firefox should display a big red warning.
  Furthermore, and this is the part that people like you donot seem to grasp, there IS use for encryption beyond protection from MITM attacks. Using SSL encryption protects me from password sniffers that sit on my network, or in my wireless neighbourhood or from some comprimised router my request travels over. It protects me from some script kiddy running a network monitor seeing what I'm typing in HTTP forms. Yes, it does not protect me from a REAL MITM attack (unless of course I've been there before, and see that the certicate changed), however the sites providing simple SSL encryption just for the sake of not sending stuff in plain text are not worth attacking anyway.
9. Re:That's the point. by MiKM · 2008-08-22 01:11 · Score: 4, Insightful
  
  Unlike sites with self-signed certs, sites with vanilla HTTP make no claim about their security.
10. Re:That's the point. by Timothy+Brownawell · 2008-08-22 01:13 · Score: 4, Insightful
  
  Isn't scaring away inexperienced users from sites with questionable security the whole point of those warnings?
  I mean a user friendly message that lets someone get past it really easily wouldn't exactly get the job done.
  Plain http is even more questionable, and somehow it doesn't complain about that. Also, some people tend to think that CAs are more security theater than real security, and there are better ways to do things.
11. Re:That's the point. by William+Ager · 2008-08-22 01:19 · Score: 4, Insightful
  
  Because it's the same certificate that was there last year?
  
  Self-signed certs do not necessarily constitute poor security. That said, they generally do. In my case, I sign my certs with a single CA, and then add that cert to all of my computers.
12. Re:That's the point. by clare-ents · 2008-08-22 01:29 · Score: 2, Insightful
  
  My router cost £20. A certificate costs ~ £60/year. I've used my router for nearly 5 years. Could you explain in detail how much benefit I would get from the extra £300/year - a 15000% increase in price ? Please bear in mind I can trace the cable all the way from my desktop machine to my router.
  In particular, please give reference to the increased utility compared to other things I could do with that £300, for example buying a sanitation block for 150 Indian School children.
  http://www.wateraid.org/uk/donate/4467.asp
  Just to clarify, the UK tax system with gift aid would increase the £300 to £384, given charitably, which is close enough to the £385 purchase price listed there.
  Other things you might like to consider in your answer are why an SSL certificate for my router is more worthwhile than an eeePC (£200), six weeks food (~£300), a Linlithgow 30 year old whisky (£289) or a 24inch widescreen monitor (~£230).
  
  --
  Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. (Einstein)
13. Re:That's the point. by huge · 2008-08-22 01:35 · Score: 3, Insightful
  
  You are talking about encryption while the error message is about authentication. While these two are closely related in this context, they are different things.
  SSL without proper chain of trust (authentication) is secure against eavesdropping but not MitM. Properly implemented SSL is resistant against both. SSL was designed for both authentication and encryption so it shouldn't automatically degrade to encryption-only.
  The difference is that admins of the SSL site want that their users make sure that they are connecting to the correct server. It's the admin of the site who is requesting the browser to flag up any potential problem with the connection. If they wouldn't care, they wouldn't have used SSL in the first place.
  
  --
  -- Reality checks don't bounce.
14. Re:That's the point. by illumin8 · 2008-08-22 01:53 · Score: 2, Insightful
  
  You see, self-signed certificates are only wide open to MITM attacks if the person monitoring you was replacing all certificates pro-actively before you even visited the website once. If you however have visited the site before, Firefox will warn you that the certicate has changed when a MITM changes it. At this point Firefox should display a big red warning.
  You conveniently ignore the fact that there are many times when a customer might be visiting the website for the first time from a new computer. Let's say I'm on vacation, pop into a public library to check my bank balance, and logon to my bank website. How do I know if I'm safe from MITM without a trusted cert? You expect me to remember the fingerprint of my bank's real SSL certificate and check every digit? You expect Joe Average to do this?
  Trust and CAs exist for a reason. Underqualified webmasters just need to let this one go. They don't understand the reason trust is required to secure financial data on the internet, and they're just asking us to make everyone less secure because they can't do their job properly and keep their certs up to date.
  
  --
  "When the president does it, that means it's not illegal." - Richard M. Nixon
15. Re:That's the point. by Goaway · 2008-08-22 02:06 · Score: 2, Insightful
  
  You see, self-signed certificates are only wide open to MITM attacks if the person monitoring you was replacing all certificates pro-actively before you even visited the website once.
  I don't know about you, but personally I have not yet visited the majority of the sites on the internet. Thus this is a pretty significant attack vector for me.
  
  Furthermore, and this is the part that people like you donot seem to grasp, there IS use for encryption beyond protection from MITM attacks. Using SSL encryption protects me from password sniffers that sit on my network, or in my wireless neighbourhood or from some comprimised router my request travels over.
  Except of course if that router MITM's you instead of just trying to eavesdrop. Or if that password sniffer on your local network manages to redirect your traffic through itself so it can MITM you too.
Security Is worth It With all the Troll Sites by curmudgeon99 · 2008-08-22 00:33 · Score: 5, Interesting

With all the sites out there just looking to steal information from you, and to introduce Cross-Site scripting elements, this is a good idea. I want my browser to warn me when I'm going into uncertain territory. And if a website owner screwed up and did not renew their certs--to hell with them. We're supposed to accept a security risk because they couldn't get off their asses as renew? I don't think so.
1. Re:Security Is worth It With all the Troll Sites by swilver · 2008-08-22 01:02 · Score: 3, Interesting
  
  Unfortunately, you donot get it at all.
  Those people using self-signed certificates could also simply run a normal HTTP server, and you'd be none the wiser. You donot get warnings for "regular" HTTP sites.
  You are basically saying that a website with an expired certificate or self-signed certificate is WORSE than regular HTTP sites, while in reality they atleast provide you with an encrypted connection and a warning if the certificate changed since the last time you connected to that site (and when that happens, THEN you should get a BIG RED WARNING).
2. Re:Security Is worth It With all the Troll Sites by Lord+Ender · 2008-08-22 01:31 · Score: 5, Insightful
  
  A false sense of security is worse than a known insecurity.
  
  --
  A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
3. Re:Security Is worth It With all the Troll Sites by swilver · 2008-08-22 01:52 · Score: 2, Insightful
  
  Which is exactly what HTTP does, it provides you with a false sense of security (as in, no warnings at all), while a slightly more secure solution is billed as something you must avoid like the plague.
  Self-signed certificates should be accepted automatically and displayed and treated as a regular HTTP site. No green status bar. Issue a warning though if the certificate changed.
Absolutely right by Anonymous Coward · 2008-08-22 00:34 · Score: 2, Insightful

Certificates are a usefull tool if used properly. Expired or self-signed certs have no value, one would expect admins to have the minimum awareness (professionalism?) to maintain them correctly? Or is even that too much to ask?
1. Re:Absolutely right by morgan_greywolf · 2008-08-22 01:07 · Score: 2, Insightful
  
  Expired or self-signed certs have no value, one would expect admins to have the minimum awareness (professionalism?) to maintain them correctly? Or is even that too much to ask?
  Internally in a network where you can trust all the traffic, self-signed certs aren't much of a problem. In fact, they work just fine. Yes, it would be nice if we could do away with them and generate our own through our own internal root CA, but then some devices just don't let you add your own cert.
  But, yes, self-signed certs have a time and a place. You have to be careful and validate the cert's fingerprint -- possibly even by hand.
  
  --
  My blog
There's another hassle too by oDDmON+oUT · 2008-08-22 00:37 · Score: 4, Informative

Try going to multiple Linksys devices (WRT54Gs come to mind) with the same self-signed certificate.
This is what you'll see:
You have received an invalid certificate. Please contact the server administrator or email correspondent and give them the following information:
Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number.
(Error code: sec_error_reused_issuer_and_serial)
You'll only be able to set up an exception for the first one, the rest of them... so sorry so sad... unless you manually dump the certificate each time.
FF2 did not have this "feature", you could set multiple exceptions and not have to worry about it again.
Total PITA if you're working with residential users.

--
Some days it's just not worth
chewing through my restraints.
1. Re:There's another hassle too by bunratty · 2008-08-22 00:48 · Score: 5, Insightful
  
  Why doesn't Linksys provide the certificate used to sign the certificates on all those routers? Then you could add that certificate to your root certificates and no longer get any warnings at all. It looks to me like Linksys dropped the ball on this one. Perhaps the changes to Firefox 3 and Internet Explorer 7 will help companies get more serious about ensuring security.
  
  --
  What a fool believes, he sees, no wise man has the power to reason away.
This is the RIGHT solution... by volxdragon · 2008-08-22 00:38 · Score: 5, Insightful

If you EVER want to combat man in the middle attacks and phishing sites, this is the best solution. Sites whining that people are being scared away??!? Get a fucking grip, and get a real certificate from a real certificate authority so your users can actually trust you. People/companies are cheap and lazy, and unfortunately this leads to a whole host of problems...keeping your certificate legitimate and up to date should be no different than taking care of your insurance or other critical infrastructure.
1. Re:This is the RIGHT solution... by jacquesm · 2008-08-22 00:42 · Score: 3, Insightful
  
  exactly. Every time people jump through the hoops required to accept a lapsed certificate all the valid certificates in the world lose a little bit of value because the user just got conditioned a little bit more to see certificates as nothing but a hassle.
  
  --
  MP3 Search Engine
Another Solution to Self Signing? by txoof · 2008-08-22 00:39 · Score: 3, Interesting

Obviously, self signing is meaningless for anonymous strangers. It works just fine for you and your friends/colleagues, but not for anyone outside your immediately trusted group.
What are the free alternatives to VeriSign's hefty fees? Some kind of community effort to create trust, much like PGP key signing seems like it would be a good solution.
Besides being expensive, it looks like any shmo can register with verisign and then conduct all sorts of questionable practices behind their cert. It doesn't look like there's any sort of vetting in the process. I didn't complete the signup process, but it looked like once they had my money, they'd send me a certificate. While the connection is secure, that doesn't tell me a darn thing about what they are going to do with my data, or weather or not they're going to try something malicious.

--
This one's tricky. You have to use imaginary numbers, like eleventeen... --Hobbes
1. Re:Another Solution to Self Signing? by elfguy · 2008-08-22 00:59 · Score: 2, Informative
  
  There are such things, like CAcert. Organizations that start offering community based free certificates. The problem is if certs are not being sold for money, Mozilla will not include them. CAcert asked in 2003 to be included as a CA in Firefox. To this day, the bug is still open in bugzilla and awaiting inclusion.
2. Re:Another Solution to Self Signing? by csnydermvpsoft · 2008-08-22 01:00 · Score: 3, Informative
  
  StartSSL offers free certificates, and their root cert is included with Firefox.
3. Re:Another Solution to Self Signing? by bunratty · 2008-08-22 01:04 · Score: 4, Informative
  
  The point of a certificate is not to guarantee that the owner won't do something malicious. The point is to guarantee that the only person who can decrypt the communications is the site you think you're talking to. It's a guarantee that someone else will not listen in on the conversation.
  For a free certificate that works in Firefox, you can use StartSSL. For a cheap certificate that works in all browsers, you can use RapidSSL.
  
  --
  What a fool believes, he sees, no wise man has the power to reason away.
No Excuses by allcar · 2008-08-22 00:41 · Score: 4, Insightful

Fundamentally, the people at fault here are the so-called professionals who allow their certificates to expire. Why should I trust their site's security if they can't manage a simple administration function like that. Thawte and Verisign provide you with enough reminders that your certs are about to expire, so you don't even need to diarise it yourself.
I do have more sympathy with self-signed certificates.There is no excuse for corporates to be using them, but for small, non-profit sites, self-signed is understandable. Mozilla could help this situation by providing support for CACert and similar organisations, by including their signing certs in their browsers, by default.
1. Re:No Excuses by devman · 2008-08-22 01:12 · Score: 2, Interesting
  
  IIRC, Mozilla has already said that they would if CACert would meet all their auditing requirements.
2. Re:No Excuses by Minwee · 2008-08-22 01:16 · Score: 2, Interesting
  
  Actually it's CACert who could help this situation by working with Mozilla to have their CA included by default. That story has been dragging on for years with no end in sight.
3. Re:No Excuses by SanityInAnarchy · 2008-08-22 02:15 · Score: 2, Informative
  
  StartSSL provides free certificates, and they're included in Firefox.
  
  --
  Don't thank God, thank a doctor!
GOOD! by nweaver · 2008-08-22 00:41 · Score: 3, Insightful

Conditioning the users to accept self-signed certs is a BAD thing.
I think self-signing is great for HTTP and with SSH-style leap of faith. But self signed is far less useful than a real cert (because even when social engineered, a real cert allows you to say "registrar X f-ed up".) for HTTPS. And conditioning users to accept self-signed certs for HTTPS is a mistake.

--
Test your net with Netalyzr
expected behaviour by AndyST · 2008-08-22 00:44 · Score: 5, Insightful
This way of handling websites with expired or self-signed SSL certificates is bound to scare away a lot of inexperienced users, no matter how legitimate the website is.
Well that's the point. The certificate is not valid and there is no way to tell the website is legitimate. If one would insist on using TLS/SSL for HTTP with a self-signed certificate, have users install your own CA keys you gave them through another secure channel, or at least let them check the fingerprint. Nobody keeps you from doing that. It's sad that some of these things are so widely misunderstood that it actually reduces privacy and security:
- login forms on http: URI, posted to https: URI. Please, the website should identify first.
- Session Cookies which are sent for both secure and unsecure connections.
- people asking me to sign their openPGP keys they sent via e-mail wondering why I call them in return to verify the fingerprint. (This guy had a Ph.D. in computer science and after a heated exchange on the phone and e-mail I just gave up. He hates me ever since.)
The new behavior of Firefox 3 is not a problem, it's people failing to security-enable their website the right way.
I'm Firefox, I'm IE by MosesJones · 2008-08-22 00:48 · Score: 4, Insightful

This is a switch of the "Cancel/Allow" Mac/PC ad.
Here we have FF3 saying
"You have tried to access a secure site with a dodgy certificate, Cancel or Allow?"
IE meanwhile troops on regardless giving a better "user experience"
Oh until the machine goes down because the site was a trojan site using a self-signed certificate.
The issue here isn't that Firefox is making this hard, its that ANYONE ever made this easy. If a site has an expired certificate then that would worry me as it implies their IT support is a bit dodgy. If someone wants my credit card details and is using a self-signed certificate then I'm VERY worried.
There are functional issues (the duplicate cert problems of Linksys has been mentioned here) that should be addressed. But the basic problem of warning users very strongly that a site is self-signed or has an expired certificate is a good thing.
I'm using Firefox, I'm on a Mac and this problem just hasn't irritated me the way that Vista does because this does it when there is a REAL problem caused by a 3rd party, not a potential problem caused by me hitting a button. Expired or self-signed certs are a real 3rd party problem, not a scare story.

--
An Eye for an Eye will make the whole world blind - Gandhi
1. Re:I'm Firefox, I'm IE by illumin8 · 2008-08-22 02:07 · Score: 2, Informative
  
  IE meanwhile troops on regardless giving a better "user experience"
  IE does not "troop on regardless." It gives a similar nasty looking warning, as well it should.
  
  --
  "When the president does it, that means it's not illegal." - Richard M. Nixon
As a Safari user by Tibor+the+Hun · 2008-08-22 00:49 · Score: 4, Insightful

As a Safari user, i find that reading mainstream media and "security researchers" fucking hurts my head.
First Safari is bad because it doesn't have anti-phishing.
Then FireFox is bad because because it throws a fit on un-signed certificates.
WTF do they all recommend? Exploder?
I guess it all fits with the flow of uneducated American populace, too ignorant to learn to use a computer properly, so "Security Experts" need to be babysitting them.
(for those of you wondering why I use Safari, it's because of its superb in page find feature.)

--
If you don't know what AltaVista is (was), get off my lawn.
Clear and present danger by I+cant+believe+its+n · 2008-08-22 00:49 · Score: 2, Insightful

I think FF should just clearly show a warning sign and tell the user that any communication he or she has is encrypted, but that the receiver could be anyone. Therefore the user should not engage in any sensitive communication over this connection such as visiting banks etc.

I feel that there is too much scaremongering going on. Usually programs will tell you, "you are about to do something really dangerous/stupid/embarasing, proceed yes or no?". It is better to inform the user why this is dangerous/stupid/embarasing and let him or her make up their own mind. Otherwise you are just putting the blame on the user for when things go wrong without him/her being able to make an informaed decision. Many users may act less than perfect, but at least give them a chance to understand.

Yes I know that the new FF is much better at informing the user than older browsers where, but it is still too alarmist in my opinion.

What do you think?

--
She made the willows dance
As long as we're complaining about browsers by The+MAZZTer · 2008-08-22 00:53 · Score: 3, Informative

Let's complain about how easy it is for you to navigate to a malicious page in IE and get malware on your PC.
Seriously people, this isn't a huge deal. Err on the side of security rather than the other side, I would say.
I think Firefox's solution is the best we can hope for. If you or me can get a self-signed cert, a phishing site author certainly can. Then all of a sudden if Firefox were to accept self-signed certs, phishing sites over HTTPS look legitimate, and they look the same as every other HTTPS site that shelled out $$$ to get their certs signed by a trusted root authority. Hell it doesn't even cost $$$, there are a few root authorities that'll sign certs for free, and one is accepted by Firefox (I forget the name). So that's always an option. If you don't like adding exceptions to your own pages, get on Google and figure out how to fix it!
Certificate hijacking by elfguy · 2008-08-22 00:57 · Score: 5, Informative

SSL Certificate hijacking is a real issue so it should not be underestimated. Users should not be able to just dismiss a warning dialog like they can do with IE. However I do think self signed certs shouldn't be discriminated this way. Learn more with presentation #11 here:
http://www.securitypresentations.com/#11
Before everyone posts the 'so obvious' facts... by Anonymous Coward · 2008-08-22 00:58 · Score: 5, Insightful

Before all the security fanatics start telling everyone to "just spend ten bucks on a cert"...
1. Embedded appliances (you know, the hundreds of millions of routers, firewalls, etc.) cannot use an authority cert. The choice is between self-signed and no encryption only, and Firefox is pushing manufacturers towards the less secure option.
2. Typically, you first encounter a self-signed cert in a secure context (for example, setting up such an appliance by plugging it directly into your PC and visiting the web interface). After that, all you care about is whether the cert changes. The whole man-in-the-middle thing is NOT a guaranteed problem with self-signed certs.
3. Real cert authorities are not the invulnerable swiss banks everyone thinks they are. They can and have issued certs when they shouldn't have. And that isn't just new certs; last week there was a story about a Firefox-trusted cert authority that issued a Microsoft live.com domain cert to someone. So those who think authority certs are secure are deluding themselves.
In the end, Firefox's current behavior does not promote security; it simply makes life hard and annoying for legitimate users.
Why we have certificate authorities by Minupla · 2008-08-22 01:06 · Score: 4, Informative

I'm going to assume that there is a sizable minority here who doesn't actually understand what is going on with SSL certificates and why they are important. So here goes:
Assume you're trying to access your online bank, and that Dr Evil is your ISP's systems admin (or anyone else who can get between you and your bank).
In the normal course of things, your web browser makes an SSL connection to your bank, validates the certificate is signed by one of the certificate authorities that your browser trusts and you're good to go.
The certificate authority check is there to prevent Dr. Evil from setting up a server in between you and your bank. In that scenario, you would connect to Dr Evil, get his key, encrypt your username and password using his key. Dr Evil then decodes the user/password and sends it onto the bank in another connection. Then he bridges the two connections, walks off with your password and you're none the wiser.
Because of SSL certificates, if Dr Evil did try it, you'd get the nasty certificate warning, and hopefully not give Dr Evil your banking passwords.
Min

--
On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
1. Re:Why we have certificate authorities by skeeto · 2008-08-22 01:57 · Score: 3, Insightful
  
  In many cases, people are perfectly happy with SSL just keeping the traffic from the prying eyes
  That's the whole point: self-signed certs don't prevent prying eyes in the slightest. For example, it would be trivial for a tor exit node to intercept and swap self-signed certs and read all your traffic without you knowing. It is just security theater. No security (http) is better than false scurity (blindly trusting self-signed certs).
In my opinion, it's not the warning message... by w4rl5ck · 2008-08-22 01:07 · Score: 2, Insightful

which is the problem here.
FF2 had a warning message about self-signed certificates, too. The problem in my opinion is the way it is presented, and how the "exception" thing is handled from a user perspective.
In FF2, you simply had to accept the certificate, and "go" for it. So far so good. Warning message, "OK, I know what I'm doing".
Downside: anyone just klicks "yes" in ANY message, so where's the security in that?
Anyway, with the new scheme, it's simply annoying, even if you know what you are doing. I.e. I need to use some development installations of software for testing purposes, and of course, whe have to test the ssl-encrypted parts, too. Buying certificates for all this development setups would be stupid (like, throwing the money out of the window).
Why do I have to click FOUR times to simply say "this site is OK for me", while I only have to click once for popups, for auto-fillin for login data, and so on?
Just one simple "add an exception" that does the trick WITHOUT forcing me to:
- *manually* (!!!) FETCH and DISPLAY the certificate before I can accept it (hell, I KNOW it's valid, I generated it myself! And a "normal user" can't understand ANYTHING in the certificate details, so what's the point? And no, they won't "learn", either!)
- yes, I'm sure, I want an exception
- yes, for real, I ...
That's the point by Anonymous Coward · 2008-08-22 01:11 · Score: 5, Insightful

amen. The error message seems to be designed for people who know about these things, not mom and pop users.
Mom and pop users should never, ever go to a website with self-signed or expired certs. It's true that there a lot of legitimate sites that fit the category, it might even be true that most of the self-signed sites are legit. The problem is that mom and pop users are not savvy enough to distrust anything, unless there's a big fat warning there.
Firefox 3 allows you to permanently accept those certificates. If you're computer literate enough to know about these things, you whitelist those sites. If you're a mom and pop user, you call a tech savvy family member / friend / neighbor / neighbor's kid to vouch the site for you and whitelist it.
1. Re:That's the point by gambino21 · 2008-08-22 02:02 · Score: 4, Insightful
  
  Mom and pop users should never, ever go to a website with self-signed or expired certs.
  
  You might want to add that Mom and pop users should never go to a website using basic http. Since many phishing sites don't bother with https. The ones that do use https could set up a domain name like www.phish.com/paypal and get their certificate signed by a thirdparty. Now those Mom and pop users can go to the https site will a full sense of security. Do you think that mom and pop users will tell the difference? I know my Mom wouldn't.
2. Re:That's the point by Hyppy · 2008-08-22 02:44 · Score: 2, Insightful
  
  You might want to add that Mom and pop users should never go to a website using basic http
  Really, now? So, you propose that the vast majority of internet servers are reconfigured to accept SSL connections? And then, should we upgrade the borderline-performance servers so the SSL encryption doesn't drag them down to the speed of an underclocked 486?
  
  I'll tell you what: you foot the bill, then I'll get the ball rolling.
3. Re:That's the point by gambino21 · 2008-08-22 03:09 · Score: 2, Interesting
  
  No, I propose that the firefox team just comes up with a better interface for warning users about self signed certificates. The current interface makes http appear to be safe and self signed certificates appear evil. The lock color scheme option proposed earlier would be find with me. Or at least give me a configuration option to turn off the warning and let me surf at my own risk. I love the anti phishing stuff in firefox, and I'm sure that will save many users from giving away their private information. However, I don't believe that the firefox 3 interface for dealing with self-signed certificates will actually prevent any attacks, and it is obviously causing a lot of headaches based on the community response.
Oh my god. by Vexorian · 2008-08-22 01:12 · Score: 3, Funny

What the heck is wrong with mozilla? Everybody knows convenience of web developers is more important than actually making the whole SSL stuff worth it. Who cares if allowing sites to sign their own certificates makes the whole SSL thing extremely pointless? What's important here is the webmasters' comfort.

--

Copyright infringement is "piracy" in the same way DRM is "consumer rape"
Re:Why by YttriumOxide · 2008-08-22 01:33 · Score: 2, Interesting

Shikaku pointed out further up that there's StartSSL... FF3 accepted their certificate fine when I visited (although, honestly, other than a very quick visit to their page, I haven't really looked at it - perhaps the free certificates they offer aren't accepted... no idea)

--
My book about LSD and Self-Discovery
Also on facebook as: DroppingAcidDaleBewan
So it can affect the biggest of all too by unity100 · 2008-08-22 01:38 · Score: 2, Insightful

when i criticized it and said it will hurt a lot of small businesses and communities, some people came up with darwinian shit like 'if they are not able to afford a $100 buck a year ssl, they dont deserve to be on the internet anyway'.

and look now, even the biggest can be affected by this overzealous, self righteous implementation in ff3, not only small businesses and communities who are 'so easily forfeitable'.

i wonder what those people have to say now.

--
Read radical news here
What has this got to do with Firefox? by itsdapead · 2008-08-22 01:43 · Score: 5, Insightful
I know using actual evidence is unfashionable, but lets try connecting to a self-signed https page from some popular browsers, shall we?
Firefox 3

Secure Connection Failed
phishing.itsdapead.org uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
The certificate is only valid for mycomputer.itsdapead.com
- This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.
- If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.
[Or you can add an exception]
Internet explorer 7:

There is a problem with this website's security certificate.
The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
Click here to close this webpage.
Continue to this website (not recommended).
Or Safari 3:

The certificate for this website was signed by an unknown certifying authority. You might be connecting to a website that is pretending to be "phishing.itsdapead.org" which could put your confidential information at risk. Would you like to connect to the website anyway?
How about Opera 9.5?

The server's certificate chain is incomplete, and the signer(s) are not registered. Accept?
[Help] [Reject] [Approve]
Sorry, I don't believe that - Opera is meant to be good isn't it? Let's try again: (ahem) Opera 9.5?

The server's certificate chain is incomplete, and the signer(s) are not registered. Accept?
[Help] [Reject] [Approve]
Ye gods - I wasn't imagining it! Deary, deary me...
Now, from where I'm standing:
1. All browsers show minor variations on the same behavior - so why is Firefox singled out?
2. For my money, Safari does slightly better at explaining the issue with an appropriate level of detail. Marginally.
3. Only IE and Firefox have bothered to warn me that, not only is the cert self-signed but the URLs don't match
4. Opera's risible message was presumably written by someone who expects all internet users to have a CS degree. Hope that's fixed in later versions.
Plus, Firefox is pushing the extended info scheme whereby the certificate holder's name gets displayed on the info bar (as opposed to the old scheme where ploughing through the certificate might reveal the holder's name), which should be a good thing.
--
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
Re:Entirely legitimate by akozakie · 2008-08-22 02:03 · Score: 2, Informative

OR it will force users back to IE. No, really: imagine you're the webmaster. If you use a self-signed cert and your user can't connect and asks for help, what will you do? Buy a cert? Why? Give advice? Sure, but users won't follow even three steps if it "looks complicated". Simplest option is to say "Use IE". Great, we're back to where WWW has been a few years before - creating a niche for which you "have to" use IE anyway, so why switch.
FF is shooting itself in the foot. Especially with self-signed certs - expired ones should be treated much less kindly, but this is too much even in this case.
Another example of idealistic but misguided approach to security - Opera mail client + SSL/TLS. For oh-so-many versions I've been MAD about one thing: every time I started Opera I got a warning that certificates for two mail servers at work had a short RSA key - half of suggested length. No way to say "I know, but I'm not the admin and the ticket got a WONTFIX (until it expires), so stop bugging me already"! I was getting more and more irritated, until finally Opera won. I turned off SSL completely. I switched from hoping that I'm not interesting enough for anybody to try to hack a less-than-suggested encrypted connection to hoping that I'm not interesting enough to snoop on at all. Is THAT better? I think they finally understood the problem, as the newest version allowed me to install the certificate and ignore the short key.
Make sure that your users can tell a really secure connection from an unsecure one. Make that lock icon more visible, or make a big lock symbol flash on the screen for a moment (maybe over the menu so that JavaScript can't simulate it) after establishing a connection. Do everything to make people expect certain behaviour from a secure site and notice when it doesn't happen. But blocking content because you think it's not secure only makes sense if you're consistent and block the completely unencrypted connections as well. Can't do that? So don't do it at all.
Re:Self-signed certificates are not secure by mstamat · 2008-08-22 02:12 · Score: 3, Informative

Do you even know what SSL is for?
Do you?
There are many scenarios involving semi-sensitive data (access to some collaboration website, access to services only supporting basic HTTP authentication etc) where a signed certificate is an overkill.
In these cases a self-signed cert and SSL surely won't protect your data from a malicious web server. However SSL will do a great job protecting your data as they travel to get there. Without SSL, someone with access to any intermediate router can get your data with a plain tcpdump.
Of the hash of a self-signed certificate should be confirmed by a side-channel. Otherwise a MITM attack is possible. But even with the hash uncofirmed, how many people you know that are able to launch a MITM attack?
PS: Do you use self-signed certificate for the ssh server of your linux box/server? If yes, why do you even bother using ssh? You would do fine with telnet in the first place.
Unavoidable with devices by IdahoEv · 2008-08-22 02:28 · Score: 5, Informative

I agree totally, the problem isn't the scary browser notices. It's websites and their poor security practices

Self-signed certs are not always "poor security practices". Consider, for example, devices like the ubiquitous Linksys broadband routers. They support ssl connections for administration, which is probably a good idea (tm).
But signed certs require a domain name, and cost real money (typically $100/year), which is probably a little much for a home user who just wants the extra security on their LAN. So self-signed certs are perfectly reasonable for uses like that.

--
I stole this sig from someone cleverer than me.
1. Re:Unavoidable with devices by joebok · 2008-08-22 03:18 · Score: 3, Insightful
  
  Why pay anything per year? If all you want is encryption between client and server then a self-signed cert is perfectly fine.
2. Re:Unavoidable with devices by Dr.Dubious+DDQ · 2008-08-22 03:44 · Score: 5, Insightful
  
  "Why pay anything per year?"
  StartSSL supposedly offers free-as-in-free-beer SSL certificate-signing services, but even that's not really the issue in my opinion.
  Why are we being told that we must get permission from a "trusted" authority in order to "legitimately" use encryption?
  I wouldn't have even blinked if a commercial, proprietary browser started doing this...but "open source" Mozilla? Campaigning against do-it-yourself encryption? Just to "scare consumers" away from things that might possibly maybe be bad? That just seems completely wrong. The use-case mentioned above of the wifi router which can't necessarily get a "trusted authority" to verify due to lack of a FQDN is a good example of why this shouldn't just be of interest to do-it-yourself hobbyist nerds.
  I still fail to see how being driven away from anti-eavesdropping (but unauthenticated) communications to completely unencrypted AND unauthenticated communications makes people "safer" and am a bit baffled that Mozilla is now treating unauthenticated certificates exactly like fraudelently authenticated certificates.
  The usual retort here assumes that the only alternative is that self-signed certificates be treated the same as authenticated certificates and therefore people will somehow think they're "safe" even though there's a chance the site at the other end might possibly be involved with a "Man-in-the-middle" attack. There's also a disturbing assumption that only corporate "e-commerce" and government sites have any interest in "legitimate" encryption (the "they'll just go out of business if they don't 'buy' a certificate" arguments...). Of course, we do have to worry about the teeming masses of evildoers who break into people's houses to replace their wifi routers in order to steal their slashdot.org login password...
  Why they don't want to consider having a third "encrypted but not 'secure'" state for correct but unauthenticated (self-signed) certificates or certificates that have gone past the arbitrary expiration date encoded in it I also don't know. Does Mozilla corporation have some kind of "partnership" with some of the big "Trusted Authorities" or something?
  
  --
  Hacker Public Radio is our Friend
3. Re:Unavoidable with devices by houstonbofh · 2008-08-22 03:58 · Score: 2, Insightful
  
  And for the 50 routers I manage and have to click a bazillion times to enter, that is still $1500 a year. The question remains, WHY CAN'T I TURN IT OFF?!!!
4. Re:Unavoidable with devices by hxnwix · 2008-08-22 04:33 · Score: 2, Informative
  
  I still fail to see how being driven away from anti-eavesdropping (but unauthenticated) communications to completely unencrypted AND unauthenticated communications makes people "safer"
  Trusted third party signatures guard against man in the middle attacks by allowing verification that the private key used to encrypt data actually belonged to the expected individual or organization and not a criminal.
  All of this depends on the good intentions and competency of the signature authority. In this specific case, Verisign is that trusted party.....................
5. Re:Unavoidable with devices by Dr.Dubious+DDQ · 2008-08-22 05:15 · Score: 3, Insightful
  
  That really has nothing to do with what I said - I'm comparing unauthenticated (self-signed) encrypted sites with unauthenticated UNencrypted sites (no certificate at all). Neither is more subject to the "man in the middle attacks" than the other (unless unencrypted sites are marginally more popular for this due to not having the hassle of setting up encryption). The point is that encrypted but unauthenticated communications are at least secure from eavesdropping between the user and the site, giving it one layer of security (against what I presume is a much more common threat - traffic "sniffing" is much, much easier to accomplish than man-in-the-middle attacks). The seatbelt in my car doesn't protect me from "terrorism", but I'm far more at risk of an automobile accident. I'm not going to stop wearing a seatbelt just because I don't also have armed anti-terrorism agents riding around in my backseat at the same time.
  
  --
  Hacker Public Radio is our Friend
6. Re:Unavoidable with devices by Phroggy · 2008-08-22 06:18 · Score: 3, Interesting
  
  Why are we being told that we must get permission from a "trusted" authority in order to "legitimately" use encryption?
  Because a certificate signed by a trusted authority is the only way to eliminate spoofing and man-in-the-middle attacks, such as those that are possible with a DNS exploit, or setting up an open wireless network and setting the SSID to "linksys".
  I know of a company that sells caching proxy servers that support HTTPS; their clients use them on corporate LANs and they can see the contents of encrypted HTTPS sessions. This lets them do things like scan outgoing messages for sensitive information to detect when an employee might be using GMail to e-mail confidential documents to someone, even though the connection is encrypted. What makes this possible is, the client's IT department configures everyone's browsers to accept this company's own fake CA key, so they can spoof all HTTPS sites with a self-signed certificate. So it only works in a corporate LAN environment - and the only reason it doesn't work everywhere else too is because SSL certs have to be signed by a trusted CA.
  The only possible alternative is to do what SSH does: exchange keys on the first connection, and just assume that you're probably on a trusted network the first time you log in. Then you get a security warning if the server's public key changes. Most of the time this is good enough, but when it comes to online banking, I'd rather be sure.
  
  --
  $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
  $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
7. Re:Unavoidable with devices by dondelelcaro · 2008-08-22 06:53 · Score: 3, Interesting
  The only possible alternative is to do what SSH does: exchange keys on the first connection, and just assume that you're probably on a trusted network the first time you log in. Then you get a security warning if the server's public key changes. Most of the time this is good enough, but when it comes to online banking, I'd rather be sure.
  The right way to handle this sort of thing is to have a real web of trust of people, and then do caching of the fingerprints of the keys. The first part breaks the CA trusted-party monopoly, and the second avoids non-initial untrusted-cert MITM attacks.
  For me at least, the ordering of methods of information transmission that I trust is fairly simple
  
  Keys which I've personally (and physically) verified
  
  Keys which others have verified and I have a trust path with
  
  Keys from CAs which have money on the line guaranteeing their verification
  
  Self-Signed certs
  
  Expired certs
  
  Unencrypted connections
  
  That sending information to slashdot requires a single click, and sending information to my own https servers requires five seems rather silly; I should definetly be warned, but there's no reason to require me to click to pull up a dialog, click to get the certificate, click to accept, then click to dismiss the dialog. A single message with the certificate information as a warning with a display of what this all means and why it may be problematic is good enough.
  --
  http://www.donarmstrong.com
8. Re:Unavoidable with devices by LarsG · 2008-08-22 07:22 · Score: 2, Insightful
  
  Exactly.
  This is an UI issue. The "is this really $my_bank.com" question is already handled by the EV certs and green address bar.
  Making people jump through unnecessary hoops to use self-signed certificates is just counter-productive, since it makes using encryption that much harder. Self-signed doesn't protect you against mitm but it protects you against an eavesdropper; it moves eavesdropping from a passive to an active attack. So the right question to ask is "Why do we want to make encrypted non-authenticated harder to use than not encrypted at all?".
  
  having a third "encrypted but not 'secure'" state
  It is really four states.
  EV-cert, green address bar.
  Cert signed by trusted CA, padlock.
  Self-signed/expired, some indication that the connection is encrypted but not authenticated.
  Plain http, should really have a big red warning sign.
  
  --
  If J.K.R wrote Windows: Puteulanus fenestra mortalis!
Re:Cancel or Allow? by Qzukk · 2008-08-22 02:57 · Score: 2, Interesting

Let's say we're walking down the sidewalk and you see two people walking towards you.
Person 1: Average Joe, mid 20's, wearing t-shirt and jeans. Clean-shaven. Your assessment: Seems OK.
Person 2: Guy wearing a cheap cop costume, waving around a gun. Your assessment: ??? ("Hmm, well, he's trying to look like a cop, so it must be ok!")
I'm not in favor of the way Firefox chooses to handle the situation (I think it's overkill) but "Ignore it and hope nothing bad happens!" is exactly how companies don't bother to discover encryption until after their really important laptop gets stolen. Personally, rather than going with the tiny little bar at the top (that looks exactly like every other little bar I get on every single website since I don't have flash installed), I think Firefox should show a solid red page with a heading indicating that it cannot verify the website below automatically, with a link to learn more about fingerprints and such, a button to say you trust this website (adds this cert for this domain to the list of trusted sites), and inside that page with a 20px margin, have the actual website load in what would effectively be an iframe, so you can see the website immediately, and you get a nice bright red border around the website, so you know that something is up, and that something is different than every other little warning you've gotten.

--
If I have been able to see further than others, it is because I bought a pair of binoculars.
Re:3 types of certificates for 3 scopes of use by Timothy+Brownawell · 2008-08-22 02:59 · Score: 2, Interesting

* Hint: If they are really scared of the self-signed certificates, why do they have the "Permanently store this exception" box checked by default?
That's the one part that makes some amount of sense. It lets the browser really complain if the cert changes (of course, who's going to notice the difference, since it complains so loudly about unsigned certs in the first place...), which should only happen if someone's trying to MitM your connection or if the admin is an idiot and deleted the cert file.
Allow me to translate from fucktard by lord_sarpedon · 2008-08-22 03:34 · Score: 2, Insightful

If you visit a website with either an expired or a self-signed SSL certificate, Firefox 3 will prevent the page from loading, to protect your secure cookies and personal info from what may be a malicious page. Instead it will display a warning... To get past this warning page, users have to go through four different steps before they can be understood to have declared intent to accept the possible consequences, which from a usability standpoint is far from ideal - the users are much more accustomed to signing their death warrants by pressing a single 'Allow' button, so multiple steps for an extremely rare security warning is heretical. This way of handling websites with expired or self-signed SSL certificates is bound to scare away a lot of inexperienced users, who, with their extensive knowledge of cryptography and public key infrastructure, really need not be intimidated with facts and scary words.
This is quite obviously a debate among morons. I'm glad firefox is doing it right.

--
"Strangers have the best candy" -Me
Re:FF3 does the right thing! by Ant+P. · 2008-08-22 05:19 · Score: 2

Is the right thing for my browser to do to tell me that my own webserver on localhost is untrusted, while companies that engage in practices like typosquatting and domain tasting are unquestionably trustworthy? I don't fucking think so.
Of course they do by bill_mcgonigle · 2008-08-22 09:44 · Score: 2, Informative

self-signed certs don't prevent prying eyes in the slightest.
Of course they do.
I installed self-signed certificates on several of my services. I know the fingerprints. I verified the fingerprints in my browser. If the certificates change I'll get an ugly warning.
Where's your attack on this setup?

--
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)