Re: [TLS] Verifying X.509 Certificate Chains out of order
I have a follow-up question for the topic of client-auth UI issues: In my
initial response I made the standard geek mistake of leaping in to address the
technical problem ("ah, I see your problem, you need to oil the guillotine and
then the blade won't stick any more") without examining the underlying
assumptions that it was based on. The OP said:
> For browsers, there arose a concern that automatic and silent client cert
> authentication allows a web site to request cert authentication even when
> the user has no business relationship with the site, and could be used for
> user tracking, defeating anonymity of browsing. So the default setting in
> browsers was changed to manual selection to avoid silent user tracking.
So the tradeoff made was to significantly negatively impact usability in
exchange for addressing a perceived privacy threat, specifically the fact that
if I connect to a site that (for some reason) decides that it doesn't want to
use traditional browser cookies or cache cookies or web bugs or Flash cookies
or a million other ways of tracking users (including SSL session cache
identifiers in the specific case of SSL) then they can now find out that I'm
/C=US/O=Verisign/OU=Class 1 CA/OU=No liability accepted/CN=The Jolly Green
Giant/email=qwertyuiop at hotmail.com. Maybe I'm missing something here, but
this seems to be a case of doing something that significantly negatively
affects security usability (and therefore actual real security) in order to
address an imaginary issue that only a geek could dream up. Is there some
other issue here that I'm missing?
Peter.
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls