crypto

One mode, and it is secure

Ian Grigg correctly argues that any internet protocol that has an insecure mode can never be made secure, thus if security is introduced as after thought, will never be secure.

Https is exactly such a bolted on afterthought, and to use it one must pay money, and suffer substantial inconvenience. Further, it is a woefully inefficient protocol, so people always try to minimize their use of it to only what is truly necessary, which they are unlikely to ever do correctly. Further, those to whom one must pay money are themselves a point of failure, not a source of security.

Iang attempts, and fails, to make his website conform to the one mode principle. For a blog to implement “the one mode and it is secure” paradigm it must be accessed by https, and accessing it by http should generate an 301 redirect to the https site. The trouble is, that when one reaches the https site, the site has to have a certificate whose root is accepted by the big browsers, typically a Verisign certificate. Such certificates are a pain to get, and a pain to install. And so, no one ever does. Iang has not got a big name certificate in the appropriate name for his web site, so accessing his site correctly generates no end of alarming error dialogs.

One comment One mode, and it is secure

Ken says:

Ian’s use of a self-signed SSL certificate is on purpose.

His blog is as secure as SSL. It just isn’t “trusted” by top level CA’s.

His refusal to buy a signed cert is a quiet protest against the useless “security theatre” of authority-signed certificates that don’t actually provide any additional security.

He recently posted examples of CA signed certs being used by Phishing sites as proof that CA’s will issue a cert to anyone who pays for it, therefore negating the so-called value of the CA-signed certificate.

Leave a Reply

Your email address will not be published. Required fields are marked *