From: Paul Hartman
Date: Fri, 24 Feb 2012 11:33:01 -0600
Subject: Re: [gentoo-user] This Connection is Untrusted: WAS: Firefox-10.0.1 fails to compile on x86
To: gentoo-user@lists.gentoo.org
In-Reply-To: <4F47BE2A.6050202@orlitzky.com>

On Fri, Feb 24, 2012 at 10:43 AM, Michael Orlitzky wrote:
> On 02/24/12 02:45, Florian Philipp wrote:
>>
>> Let's not forget that whenever you are presented with that warning, it
>> could also be a man-in-the-middle attack. Therefore just clicking on
>> "Accept" on every site is about the stupidest thing you can do.
>>
>> I'm unsure how the warning looks when you have previously accepted a
>> normally untrusted certificate on that site and now it is different
>> (which could be an indication of MITM). I hope there is a big red flashy
>> warning but I doubt it.
>>
>
> Not if the certificate is "valid."
>
> The only sane way to handle certificates with parties you've never met
> (i.e. every website) is the SSH method: you accept that, no matter what,
> there's always going to be one opportunity for a man-in-the-middle
> attack. The first time you connect, you save the remote server's
> certificate. If it changes, freak out.
>
> The certificate patrol extension does this:
>
>   http://patrol.psyced.org/
>
> With it, self-signed certificates become more secure than CA-signed ones.

Thanks for the link.
The MultiZilla extension way back in the Netscape/Mozilla/Seamonkey 1.x days treated certificates like this: you had to approve all certs the first time, even if they were from a trusted CA, and if it ever changed for any reason, it would refuse to connect unless you approved the new cert. It seems to me that's how it should *always* work, in all software that uses SSL certificates, but I understand wanting to keep it simple for non-technical users... but those are the very users most at risk, probably the most likely to use hostile wifi networks (in my mind, hostile is anything other than the router I control at my house).

Additionally, http://perspectives-project.org/ or http://convergence.io/ can help you in establishing the initial trust and are an attempt at eliminating the need to trust CAs at all.
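The "save the certificate on first connect, refuse if it ever changes, unless the user approves the new one" scheme discussed in this thread, as an added example that is not code from Certificate Patrol, MultiZilla or anyone in the thread. The CertPinStore class, its JSON pin-file format and the fetch helper are assumptions for illustration; the fetch helper keeps normal CA validation and only adds the pin check on top of it.

```python
import hashlib
import json
import socket
import ssl
from pathlib import Path


class CertPinStore:
    """Trust-on-first-use pin store for server certificates (the 'SSH method').

    Pins are SHA-256 fingerprints of the DER-encoded leaf certificate, keyed by
    host name. path=None keeps the store in memory only (hypothetical format).
    """

    def __init__(self, path=None):
        self.path = Path(path) if path else None
        self.pins = {}
        if self.path and self.path.exists():
            self.pins = json.loads(self.path.read_text())

    def _save(self):
        if self.path:
            self.path.write_text(json.dumps(self.pins, indent=2))

    @staticmethod
    def fingerprint(cert_der):
        # Hash the DER bytes, which is what browsers show as the cert fingerprint.
        return hashlib.sha256(cert_der).hexdigest()

    def check(self, host, cert_der):
        """Return 'first-use', 'ok' or 'changed'. Only 'first-use' writes a pin,
        so a 'changed' certificate is never silently adopted."""
        fp = self.fingerprint(cert_der)
        known = self.pins.get(host)
        if known is None:
            self.pins[host] = fp
            self._save()
            return "first-use"
        return "ok" if known == fp else "changed"

    def approve(self, host, cert_der):
        """Explicit user approval of a new certificate after a 'changed' result."""
        self.pins[host] = self.fingerprint(cert_der)
        self._save()


def fetch_peer_cert_der(host, port=443, timeout=10):
    """Fetch the server's leaf certificate in DER form; CA validation still applies."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)
```

`CertPinStore("pins.json").check(host, fetch_peer_cert_der(host))` gives the pin verdict for a live host; anything but "ok" or "first-use" should be treated as a stop, not a prompt to click through.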