homepage Welcome to WebmasterWorld Guest from 204.236.254.124
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
New Proposal To Strengthen Public Key Infrastructure, SSL Chain
engine




msg:4389913
 5:03 pm on Nov 22, 2011 (gmt 0)

New Proposal To Strengthen Public Key Infrastructure, SSL Chain [computerworld.com]
The Electronic Frontier Foundation (EFF) is proposing an extension to the current SSL chain of trust that aims to improve the security of HTTPS and other secure communication protocols.

EFF's "Sovereign Keys" (SK) specification is designed to give domain owners control over the link between their domain names and their certificates after recent Certificate Authority (CA) compromises raised serious questions about the security of the entire Internet Public Key Infrastructure (PKI).


 

Sgt_Kickaxe




msg:4390160
 7:37 am on Nov 23, 2011 (gmt 0)

More control for webmasters over their own web properties, I'm all for it. The fewer companies and 3rd party servers required the better.

These validated domain-certificate associations are kept on so-called timeline servers and are synchronized with mirrors that are queried by clients.


Ah well.

tcsoftware




msg:4390203
 9:59 am on Nov 23, 2011 (gmt 0)

In essence, the SK model reduces the number of attack points from hundreds of CAs to 30 or fewer servers where any compromise can be detected automatically. Suspicious entries and other indications of a security breach will cause a compromised server to be immediately ignored by mirrors and clients alike.


One good DoS attack and HTTPS breaks for everyone, everywhere!

kapow




msg:4390412
 6:41 pm on Nov 23, 2011 (gmt 0)

I think the recent Certificate Authority compromises were the tip of a newly emerging iceberg. Funny how the rhetoric goes '...it would take a hacker a zillion years to crack this' Then ...Hacked Do'h!

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved