"The self-signed certs provide an encrypted connection."
No they don't.
Look up Diffie Hellman (DH or DHE key exchange in SSL or TLS). They don't provide encryption. In fact asymmetric encryption with certificates is computationally expensive and discouraged.
The only this a self-signed certificate gives you that a certificate-less connection gives you is the assurance that you are talking to the same guy as last time you tried, or at least someone with his private key.
You still shouldn't trust sending financial info over an unauthenticated connection. Or (increasingly) anything at all, as it could be your ISP listening in, as they increasingly seem to want to do.
People who don't understand anything about security (or computers) will be phished all the more easily if they get used to seeing self signed certs. People who have just enough knowledge to be dangerous will also think they're somehow safe. They aren't.
No, SSL (well TLS) is not useless for authentication, not in the slightest.
If you're going to argue that you don't trust the CAs, then that's one thing, but I won't have you slandering an entire family of protocols just because you don't like the policies of a few companies! TLS is great, and TLS is very secure, IF you take an interest in what's going on. If you just want certificate change detection then your browser is good for that too, but expect to get a nice fat warning the first time.
The problem here is not the protocol, and it's not the browser behaviour, it's the CA behaviour.
1) They should't be doing that. And if he's an insider then he'll get caught. 2) This hasn't yet happened as far as I know 3) Without CAs the guy doesn't have to go through getting the thing, which most likely will be caught as yourbank.com is already taken, and yourbank.com is a known entity and they should (and it appears they do) have better procedures than to sell multiple citibank certs.
I agree that it would be better for them to take a lot more precautions, but they're currently the best we've got.
UNLESS you want to do things in-house and take responsibility for distributing the trusted root certificate for your own CA to those that need it. That there is the best option, but most folks don't want to do that and for yourbank.com it would be a big expense to make sure all the customers received this cert in an offline/secure way.
And yes, it's not meant to be flamebait, I just need more coffee this morning and to stop throwing the invectives around...
You have no privacy if you have no authentication, with the current DNS attacks and the prevalence of wireless access, you need authentication more than ever if you want any explanation of privacy.
I work on SSL/TLS professionally, so I'm genuinely interested in your privacy issues and how they are better being served without a certification authority. Because to me, without authentication, you may as well not bother.
Which is why I said you have those two choices. I'm not insisting you pay for certificates - become your own authority by all means - but don't expect to get by without one.
In fact, if you aren't going to run with any sort of authority (internal or external) you may as well not bother with a certificate, as SSL/TLS will still provide you with unsniffable encryption, but leave everything just as vulnerable to MITM attack.
"It is just as true for a self-signed certificate--it verifies you are talking to the person who generated the certificate"
No it doesn't.
Not if you haven't pre-distriuted the associated authority public key it doesn't. It doesn't verify anything.
"The $10 certificates are a giant boondoggle, a business that shouldn't exist except for misguided policy decisions on the part of browser developers."
No, they're not.
You have a choice -
a) Distribute your authority certificate to your users ahead of time, so that they can be sure who you are b) Suck it up and pay 10$ for someone else to do it for you.
a is probably the best option, but it's currently not practical. b is the next best.
Just getting users to accept self-signed server certificates is very bad, because it trains them to accept them, and they'll get phished.
"there are a LOT of community websites (that cater to thousands of people, the smallest one), small businesses, their customers, vpn users, a lot of people that are going to be hurt by this overly self righteous move. "
Please demonstrate how.
Community websites don't generally need crypto, and if they sell stuff then anyone with half a brain would want 3rd party authenticated comms for doing financial transactions.
A few bucks a year for a cert for their web page won't kill a small business.
If you're a VPN user then it's trivial to set up an in house certification agency and distribute the CA certificate with your client program.
"one thinks it seems right for you, and therefore it is probably right for others. of course, all the while clueless about how many people, businesses, organizations and communities use self signed certs throughout the web, just because their isolated position."
You have a choice -
a) Make and distribute your own CA certificate to those that need it. b) Pay for a certificate so that you don't have to do this.
Self signed certificates with no prior distribution are DANGEROUS.
And Grandma doesn't care about getting secure access to your blog.
She cares about reading the news, chatting about knitting on the wool forum, sending email to the grandkids and accessing her bank account. Only the last one requires encryption, and for that you want full third-party authentication.
Streamlining this process or just warning Grandma will leave her with an empty bank account in no time.
If I'm connecting to my bank, and I get a certificate that matches the domain name and was signed by a widely trusted 3rd party, that gives me much more confidence than selecting some bozo's self-signed certificate.
Does it guarantee the identity and trustworthiness of the entity? Not absolutely, but it's a whole hell of a lot better than just encrypting comms and sending them to whoever happens to be running a man in the middle attack today.
No, the certificates verify that you are talking to whoever the CA gave the certificate to. That's all they do, and that's very important. You don't have to go any further than that.
Parent didn't say single UNIX, and I don't know what UNIX is if it's not what the opengroup certify and what those companies I mentioned continue to produce.
The caloric content is the energy you get for complete combustion of something, measured in a bomb calorimeter.
Now, if you want to go the other way and say the daily intake guidelines are based on soft figures about how many calories people can extract, or that the figures for how much energy someone burns when doing exercise may well vary from person to person, then go ahead.
I know exactly what it means, but as part of a minor piece of humour I didn't think it relevant or necessary to make sure I included exactly the right number of deliberate, consciously inserted backspace characters.
Have you considered therapy? You seem to have come down with an extreme case of pedantry.
It's payrise month here and as a result I can afford^H^H^H^H needed something to help me get over the disappointment.
No I don't need them either. I'm hoping, vaguely, that it might be a bit cheaper to buy this up front and then get a SIM-only contract. I'm prepared to be let down (again) by the real world though.
I'm hoping we'll get there before too long - I've just ordered an Openmoko Neo Freerunner. it has a GPS unit, I'm not sure what you can do with it yet.
If we can get some sort of GPL'd Tom-Tom or Garmin style software, that would be cool.
"Do you think national healthcare is free?? Where do you think these countries get the money for that and other social[ist] programs? They tax the hell out of companies, imports (and individuals)"
Wow, yeah, those evil socialist countries that tax imports from the great free US of A which would never do that sort of thing for protectionism or for profit. No sir! Free trade all the way!
Oh wait, no, the EU provides easy and cheap access to its market but the USA is in contravention of WTO rules because it applies tarrifs and duties to imports that restrict free trade.
Try again - tax for things like healthcare come from the people, not from imports.
Oh I agree, I just didn't like the guy's blanket "Drugs will automatically ruin your life" thing.
I also don't like the term "drugs" because it covers an enormous range of effects, harms, dependencies and substances legal and illegal.
Point 2 is a stronger point, but point 1 is pretty strong too, especially when (as you say) so many politicians have admitted to use of pot, or stronger substances.
These admissions are usually followed by "in my youth, it was a mistake, no we're not going to legalise it", which seems to me the worst sort of hypocrisy:
"I was alright, but you still need to go to jail for this"
"But a self-signed cert is better than no cert"
Only in that you can tell it changed from last time. Otherwise using authentication-less SSL is just as good.
What you really want is to act as your own CA and then make sure your users get your trusted public certificate ahead of time and in a secure way.
Much of the time they are, given that it's usually phishing sites that will try to encrypt but can't authenticate.
"The self-signed certs provide an encrypted connection."
No they don't.
Look up Diffie Hellman (DH or DHE key exchange in SSL or TLS). They don't provide encryption. In fact asymmetric encryption with certificates is computationally expensive and discouraged.
The only this a self-signed certificate gives you that a certificate-less connection gives you is the assurance that you are talking to the same guy as last time you tried, or at least someone with his private key.
No, it makes a lot of sense.
You still shouldn't trust sending financial info over an unauthenticated connection. Or (increasingly) anything at all, as it could be your ISP listening in, as they increasingly seem to want to do.
People who don't understand anything about security (or computers) will be phished all the more easily if they get used to seeing self signed certs. People who have just enough knowledge to be dangerous will also think they're somehow safe. They aren't.
I don't think that's enough.
It needs to interrupt the flow of what the user's doing, and significantly, so they actually think about it.
Dropping low-rent CAs is a good plan though.
No, SSL (well TLS) is not useless for authentication, not in the slightest.
If you're going to argue that you don't trust the CAs, then that's one thing, but I won't have you slandering an entire family of protocols just because you don't like the policies of a few companies!
TLS is great, and TLS is very secure, IF you take an interest in what's going on.
If you just want certificate change detection then your browser is good for that too, but expect to get a nice fat warning the first time.
The problem here is not the protocol, and it's not the browser behaviour, it's the CA behaviour.
It's only really useful if you can guarantee you're safe the first time.
Pre-distribution of a trusted root (or even the md5sum of a trusted root) would be fine. But that's basically what you pay the CAs for.
The point is that
1) They should't be doing that. And if he's an insider then he'll get caught.
2) This hasn't yet happened as far as I know
3) Without CAs the guy doesn't have to go through getting the thing, which most likely will be caught as yourbank.com is already taken, and yourbank.com is a known entity and they should (and it appears they do) have better procedures than to sell multiple citibank certs.
I agree that it would be better for them to take a lot more precautions, but they're currently the best we've got.
UNLESS you want to do things in-house and take responsibility for distributing the trusted root certificate for your own CA to those that need it. That there is the best option, but most folks don't want to do that and for yourbank.com it would be a big expense to make sure all the customers received this cert in an offline/secure way.
And yes, it's not meant to be flamebait, I just need more coffee this morning and to stop throwing the invectives around...
You have no privacy if you have no authentication, with the current DNS attacks and the prevalence of wireless access, you need authentication more than ever if you want any explanation of privacy.
I work on SSL/TLS professionally, so I'm genuinely interested in your privacy issues and how they are better being served without a certification authority. Because to me, without authentication, you may as well not bother.
Which is why I said you have those two choices. I'm not insisting you pay for certificates - become your own authority by all means - but don't expect to get by without one.
In fact, if you aren't going to run with any sort of authority (internal or external) you may as well not bother with a certificate, as SSL/TLS will still provide you with unsniffable encryption, but leave everything just as vulnerable to MITM attack.
"It is just as true for a self-signed certificate--it verifies you are talking to the person who generated the certificate"
No it doesn't.
Not if you haven't pre-distriuted the associated authority public key it doesn't. It doesn't verify anything.
"The $10 certificates are a giant boondoggle, a business that shouldn't exist except for misguided policy decisions on the part of browser developers."
No, they're not.
You have a choice -
a) Distribute your authority certificate to your users ahead of time, so that they can be sure who you are
b) Suck it up and pay 10$ for someone else to do it for you.
a is probably the best option, but it's currently not practical. b is the next best.
Just getting users to accept self-signed server certificates is very bad, because it trains them to accept them, and they'll get phished.
"there are a LOT of community websites (that cater to thousands of people, the smallest one), small businesses, their customers, vpn users, a lot of people that are going to be hurt by this overly self righteous move. "
Please demonstrate how.
Community websites don't generally need crypto, and if they sell stuff then anyone with half a brain would want 3rd party authenticated comms for doing financial transactions.
A few bucks a year for a cert for their web page won't kill a small business.
If you're a VPN user then it's trivial to set up an in house certification agency and distribute the CA certificate with your client program.
"one thinks it seems right for you, and therefore it is probably right for others. of course, all the while clueless about how many people, businesses, organizations and communities use self signed certs throughout the web, just because their isolated position."
You have a choice -
a) Make and distribute your own CA certificate to those that need it.
b) Pay for a certificate so that you don't have to do this.
Self signed certificates with no prior distribution are DANGEROUS.
"Grandma won't know what the hell to do"
And Grandma doesn't care about getting secure access to your blog.
She cares about reading the news, chatting about knitting on the wool forum, sending email to the grandkids and accessing her bank account. Only the last one requires encryption, and for that you want full third-party authentication.
Streamlining this process or just warning Grandma will leave her with an empty bank account in no time.
That depends what you're trusting.
Are you trusting that because they guy at the other end has e certificate that he is an honest trader and to be trusted with your money?
Bzzzzzzt. You deserve everything you get.
Are you trusting that you're talking to the company you thing you're talking to and nobody's listening it? Because that's what it gives you.
No.
Seriously, stop being a retard.
If I'm connecting to my bank, and I get a certificate that matches the domain name and was signed by a widely trusted 3rd party, that gives me much more confidence than selecting some bozo's self-signed certificate.
Does it guarantee the identity and trustworthiness of the entity? Not absolutely, but it's a whole hell of a lot better than just encrypting comms and sending them to whoever happens to be running a man in the middle attack today.
No, the certificates verify that you are talking to whoever the CA gave the certificate to. That's all they do, and that's very important. You don't have to go any further than that.
Parent didn't say single UNIX, and I don't know what UNIX is if it's not what the opengroup certify and what those companies I mentioned continue to produce.
BSD *is* UNIX. As are the rest.
UH ...
Linux would be a clone. The rest are certified as Unix. I don't get what your definition of UNIX is that excludes these.
Care to explain, genius?
Because as far as I'm concerned (and sun, IBM, HP, BSD and Apple) it's still alive and well.
"Microsoft either joins the program or fizzles out like Unix proper did."
Oh, so dead and gone like SunOS, AIX and MacOS?
'tard.
No it isn't.
The caloric content is the energy you get for complete combustion of something, measured in a bomb calorimeter.
Now, if you want to go the other way and say the daily intake guidelines are based on soft figures about how many calories people can extract, or that the figures for how much energy someone burns when doing exercise may well vary from person to person, then go ahead.
But calories are a scientific measurement.
Oh dear god!
I know exactly what it means, but as part of a minor piece of humour I didn't think it relevant or necessary to make sure I included exactly the right number of deliberate, consciously inserted backspace characters.
Have you considered therapy? You seem to have come down with an extreme case of pedantry.
Yeah, it's not going to be easy, and navigation data is not easy to find or cheap.
OTOH a friend (who is also buying a freerunner) used to work in the industry so I'm hoping he knows a thing or two :)
It's payrise month here and as a result I can afford^H^H^H^H needed something to help me get over the disappointment.
No I don't need them either. I'm hoping, vaguely, that it might be a bit cheaper to buy this up front and then get a SIM-only contract. I'm prepared to be let down (again) by the real world though.
I'm hoping we'll get there before too long - I've just ordered an Openmoko Neo Freerunner. it has a GPS unit, I'm not sure what you can do with it yet.
If we can get some sort of GPL'd Tom-Tom or Garmin style software, that would be cool.
"Do you think national healthcare is free?? Where do you think these countries get the money for that and other social[ist] programs? They tax the hell out of companies, imports (and individuals)"
Wow, yeah, those evil socialist countries that tax imports from the great free US of A which would never do that sort of thing for protectionism or for profit. No sir! Free trade all the way!
Oh wait, no, the EU provides easy and cheap access to its market but the USA is in contravention of WTO rules because it applies tarrifs and duties to imports that restrict free trade.
Try again - tax for things like healthcare come from the people, not from imports.
Oh I agree, I just didn't like the guy's blanket "Drugs will automatically ruin your life" thing.
I also don't like the term "drugs" because it covers an enormous range of effects, harms, dependencies and substances legal and illegal.
Point 2 is a stronger point, but point 1 is pretty strong too, especially when (as you say) so many politicians have admitted to use of pot, or stronger substances.
These admissions are usually followed by "in my youth, it was a mistake, no we're not going to legalise it", which seems to me the worst sort of hypocrisy:
"I was alright, but you still need to go to jail for this"