
Comment by chetanahuja

11 years ago

"Treating this as a grave error IMHO is right because by accepting the connection over SSL, you state that the conversation between the user agent and the server is meant to be private."

This is misguided thinking, pure and simple. Because of this line of thinking, your everyday webmaster has been convinced that encrypting data on a regular basis is more trouble than it's worth and allowed NSA (or the Chinese or the Iranian or what have you) authorities to simply put in a tap to slurp the entire internet without even going through the trouble of targeting and impersonating. Basically, this is the thinking that has enabled dragnet surveillance of the internet with such ease.

But as a user I can understand that an http site is insecure, while a self-signed certificate might lead me into a false sense of security.

  • That's the proffered reasoning as we all know. But the actual outcome (to quote rufb from this comment https://news.ycombinator.com/item?id=8625739)

        Encrypted (Certified)    COOL GREEN
        Encrypted (Self-Signed)  EVIL RED
        Unencrypted              NOTHING / NEUTRAL CHROME

    Tell me how the logic works here (for an average user).

    • Not considering the many holes, ciphersuites, running TLS 1.3+ etc.

      ( http://wingolog.org/archives/2014/10/17/ffs-ssl )

      ...it should probably look like this:

      Safe against active attacks:

          Encrypted (Certified)    COOL GREEN

      Safe against passive attacks:

          Encrypted (Self-Signed)  SCARY ORANGE

      Safe against world peace, i.e. UNSAFE:

          Unencrypted              EVIL RED

    • > Tell me how the logic works here (for an average user).

      "Neutral Chrome" is the default state of the web -- the site doesn't assert that it should be trusted, and it shouldn't be, and that's the default state people should have in approaching the web.

      "Cool Green" is "the site asserts that it has a particular identity and that communication with that identified site is private, and it passes the tests built into the browser's security model to verify all that."

      "Evil Red" is "the site asserts that it has a particular identity and that communication with that identified site is private, but it fails the tests built into the browser's security model to verify all that."

      Seems to me to be perfectly logical, even if we might prefer a better security model for making and verifying the claims at issue.


    • I can self-sign a certificate for gmail, the browser correctly warns about potential BIG security issues with it.