Re: [TLS] Fixing TLS Trust

Nico Williams <nico@cryptonector.com> Mon, 30 April 2012 17:31 UTC

In-Reply-To: <37860D94-8750-40F9-9388-07057B4E6ECD@bblfish.net>
References: <37860D94-8750-40F9-9388-07057B4E6ECD@bblfish.net>
Date: Mon, 30 Apr 2012 12:31:24 -0500
Message-ID: <CAK3OfOjeruZmky1pwgSzodLt0uRNjpQc8GaC6=Qt_FLW6WkeBg@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Henry Story <henry.story@bblfish.net>
Cc: "tls@ietf.org List" <tls@ietf.org>, public-webid <public-webid@w3.org>
Subject: Re: [TLS] Fixing TLS Trust

On Mon, Apr 30, 2012 at 11:46 AM, Henry Story <henry.story@bblfish.net> wrote:
> TLS currently helps one know that when one opens a connection to a service (domain:port pair)
> one is actually connected to the machine that officially owns that domain. It does not
> give one the big picture of what kind of entity one is actually connected to:
> ie. it does not answer the following questions:
>
>  - is this a legal entity?
>  - which country is it based in (or which legal framework is it responsible to)
>  - who are the owners
>  - what kind of organisation is it? (individual, bank, commerce, school, university, charity...)

These are not things I've cared much about in the brick and mortar
world because those things are implied.  It's... difficult to put up a
fake bank, with fake tellers, advertisement, and so on.  Not so
difficult to put up or hack hole-in-the-wall ATMs, but then I don't
use hole-in-the-wall ATMs.  In the off-line world this approach
pervades.  Now, it is true that I care about track records (e.g., when
making investments), but I've never asked "who are the owners?",
except for small restaurants/shops that I like and where knowing the
owners is a social benefit.  I've also not asked "is this a legal
entity".  Maybe I'm just naive?  When I see a doctor I see diplomas on
their office walls, but I don't go double checking them.  And so on.

In the on-line world some of these questions are more interesting, but
only because trust is harder to establish.  And anyways, we don't get
answers to these questions on-line, not most users anyways.  The trick
is to get domain names to reflect the same things that brick and
mortar sites do.

> In a recent talk I gave at the European Identity conference in Biel, Switzerland, I looked
> at how this extra information could be made available by using WebID and Linked Data, published
> by official entities in ways that gave those documents legal weight. This would not be technically
> very difficult to do, but would provide huge benefits to the web. It could increase trust
> in the way people use the web, and it could enable commerce in a much broader way than hitherto
> found on the web.

No matter what we're still talking about how to establish trust.
That's the hard part.  How do I trust that such and such corporation
owns some website?  I have to know who is making that statement, and
for that I must authenticate them, and I've to decide if they can make
that statement authoritatively, and whether I trust them (even if I
can authenticate them).

Assuming the TLS server PKI works then you're right, this is simple to
add as a *protocol*.  Though you'd still need to get someone to do the
vouching: it won't be governments, since there are so many that
are authoritative at some level that users could not really authorize
them to make these statements, so it has to be some commercial
operation, or a national-level agency.  That sounds so difficult to
pull off, and likely to provide so little value that I don't think it
can happen.

But on a smaller scale it could happen, and, indeed, it does already.
What I have in mind is federations of like companies.  Sites like
Amazon, eBay, and Yahoo! already have, effectively, federations of
vendors.  I'd like to see a federation of banks.

Nico
--