If clients trust the cert and add it to their store, what happens when your key is stolen? Where’s the CRL And how is trust established with the provider of that CRL (which I assume is also self-signed and requires TOFU)? What if first contact is made with a MitM and trust is established with the actor?
With no third party trust anchor, how do you authenticate identity? You’ve got an encrypted connection but to who?
Certs on the public internet aren’t just about confidentiality and integrity, they’re about authenticity, something the author of the article doesn’t quite understand. Certificates are literally about binding identity to a key, with CAs providing a way to bootstrap trust of that binding.
There hasn’t really been a better proposed solution to this problem.
DANE/DNSSEC shifts trust from CAs to registrars, PGP Web of Trust is complex for users and adds friction to revocations, key pinning breaks catastrophically if you lose the key, DNS CAA just constrains the CA model but is still the same thing. Blockchain still has key loss issues and how do you handle disputes? Also you’re centralising things economically since biggest miners thus dominates.
SPKI was really interesting and actually positioned that identity key bindings via certs could negate the need for CAs if binding shifted to a protocol. It didn’t get anywhere though.
Don’t get me wrong, I have my own PKI and CA at home and “self-sign” internally but that’s fine when i can personally establish trust and authenticate but it doesn’t internet-scale where everyone is predominately strangers.
Why does your use case trump all other use cases for users on the internet?
Just because your use of HTTP doesn’t expose users to risks (technically it does to MitM) doesn’t mean users shouldn’t be warned about the risks of HTTP by their browser.
You’re annoyed at browsers, not HTTPS or CAs. There’s nothing in the specifications / RFCs that HTTP warnings are MUSTs.
Yeah. I hate browsers for making me put up with this, not HTTPS as a concept or the third parties. I’m sorry if this came across as a dog on HTTPS itself, because it’s not. It’s about Google forcing me to jump through hoops for them because if my site throws errors on Chrome then my site might as well not exist.
If clients trust the cert and add it to their store, what happens when your key is stolen? Where’s the CRL And how is trust established with the provider of that CRL (which I assume is also self-signed and requires TOFU)? What if first contact is made with a MitM and trust is established with the actor?
With no third party trust anchor, how do you authenticate identity? You’ve got an encrypted connection but to who?
Certs on the public internet aren’t just about confidentiality and integrity, they’re about authenticity, something the author of the article doesn’t quite understand. Certificates are literally about binding identity to a key, with CAs providing a way to bootstrap trust of that binding.
There hasn’t really been a better proposed solution to this problem.
DANE/DNSSEC shifts trust from CAs to registrars, PGP Web of Trust is complex for users and adds friction to revocations, key pinning breaks catastrophically if you lose the key, DNS CAA just constrains the CA model but is still the same thing. Blockchain still has key loss issues and how do you handle disputes? Also you’re centralising things economically since biggest miners thus dominates.
SPKI was really interesting and actually positioned that identity key bindings via certs could negate the need for CAs if binding shifted to a protocol. It didn’t get anywhere though.
Don’t get me wrong, I have my own PKI and CA at home and “self-sign” internally but that’s fine when i can personally establish trust and authenticate but it doesn’t internet-scale where everyone is predominately strangers.
Why do strangers who come across my website to look at pictures of cats need to authenticate my identity?
Why does your use case trump all other use cases for users on the internet?
Just because your use of HTTP doesn’t expose users to risks (technically it does to MitM) doesn’t mean users shouldn’t be warned about the risks of HTTP by their browser.
You’re annoyed at browsers, not HTTPS or CAs. There’s nothing in the specifications / RFCs that HTTP warnings are MUSTs.
Yeah. I hate browsers for making me put up with this, not HTTPS as a concept or the third parties. I’m sorry if this came across as a dog on HTTPS itself, because it’s not. It’s about Google forcing me to jump through hoops for them because if my site throws errors on Chrome then my site might as well not exist.