1995-10-03 - Re: User-Specified Trusted CAs in Netscape (Was: Re: NetScape’s dependence upon RSA down for the count!)

Header Data

From: jsw@neon.netscape.com (Jeff Weinstein)
To: cypherpunks@toad.com
Message Hash: b68b7544d7a0b5c5dcf9e43ebc59712ff3afee40f4f8226a09d1aa5eeeef2831
Message ID: <44qklr$igc@tera.mcom.com>
Reply To: <199510012043.NAA06905@illilouette.Eng.Sun.COM>
UTC Datetime: 1995-10-03 06:20:12 UTC
Raw Date: Mon, 2 Oct 95 23:20:12 PDT

Raw message

From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 2 Oct 95 23:20:12 PDT
To: cypherpunks@toad.com
Subject: Re: User-Specified Trusted CAs in Netscape (Was: Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <199510012043.NAA06905@illilouette.Eng.Sun.COM>
Message-ID: <44qklr$igc@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510020516.BAA21934@giane.cs.umass.edu>, futplex@pseudonym.com (Futplex) writes:
> Bill Soley writes:
> > (3) Netscape is making the problem worse (yes, worse) in the next release
> > by allowing the user to specify their own list of trusted CAs.  (I will
> > elaborate on this unpopular view below.)
> [...]
> > Re: problem 3, about how allowing the user to specify their own list of
> > trusted CAs is bad.  
> [...]
> > it.  Even Mary Moderately-Savy might be tricked in to doing it on the
> > false assumption that it would only affect security for the naughty
> > pictures site (that she may not care about), and not affect security for
> > her stock-broker.  This false assumption might be based on the fact
> > that the (legitimate) stock-broker uses a different CA.
> 
> You seem to be overstating your point a bit. The real problem here, AFAICS,
> is that the proposed protocol in the software wouldn't allow sufficiently 
> fine-grained control over the certification authority approval. The user
> should be able to specify the conditions under which a CA is to be trusted,
> not simply give a blanket approval or rejection. 
> 
> It looks as though a set of trusted (CA, site) pairs would suffice. 
> How about it, Netscape ?  Give the user the opportunity to say "I trust 
> certificates from Alfie's World of Key Certification regarding keys for
> interactions with Elvira's Copier Shack."

  We've already thought of a lot of the stuff you guys have brought up,
and tried to address them in our design.  I'm also taking note on things
we didn't think of.

  There will be various "domains" that you can trust a CA for, including
SSL, e-mail, and payment.  You will be able to enable and disable trust
for specific server certs as well.  You could say, "I don't trust
verisign, but I will trust Joe's Internet Coffee Shop(which happens
to be signed by verisign)".

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





Thread