Ah Python, you have spoiled me for all other languages
Tim Daneliuk
tundra at tundraware.com
Sat May 23 07:21:25 EDT 2015
On 05/23/2015 01:55 AM, Johannes Bauer wrote:
> On 23.05.2015 05:31, Michael Torrie wrote:
>
>> Sigh. I blame this as much on the browser. There's no inherent reason
>> why a connection to a site secured with a self-signed certificate is
>> insecure.
>
> The problem is *not* that the certificate is self-signed.
>
> It's that it's unknown previously to being encountered within the TLS
> handshake. And that *does* make it inherently insecure.
>
> Not algorithmically, obviously. I can still do a DH-handshake with the
> remote peer that will generate a shared secret no eavesdropper will
> know. The browser just can't be sure that whoever it negotiated the DH
> with is really the endpoint (i.e. the webserver). That is the problem.
>
> I dislike CAs as much as the next guy. But the problem of distributing
> trust is just not easy to solve, a TTP is a way out. Do you have an
> alternative that does not at the same time to providing a solution also
> opens up obvious attack surface?
>
> Cheers,
> Johannes
>
Trust has context. You're going to that site to read an article. This
is rather different than, say, going somewhere to transact commerce or
move money.
I have been doing an experiment with tundraware.com to try out https
everywhere to see just what breaks and who squawks. I've seen a number
of concerns like the ones on this thread. Most interestingly, this
seems to be breaking the FreeBSD ports build mechanism for the ports
I'd previously contributed to the project.
This is a tough tradeoff. If you don't run https, then your every interaction
with the website can be trivially monitored by a third party. Even just
the metadata of when you do use https and when you do not can be useful
to an eavesdropper. So, there is increasing thought that we should all just
run https everywhere all the time. But then we run into the signing problem.
I am hoping that we will soon see free or inexpensive CAs to make that
problem go away. See:
https://www.eff.org/deeplinks/2014/11/certificate-authority-encrypt-entire-web
--
----------------------------------------------------------------------------
Tim Daneliuk tundra at tundraware.com
PGP Key: http://www.tundraware.com/PGP/
More information about the Python-list
mailing list