<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div><br></div><div><br>On Oct 6, 2013, at 5:23 PM, <a href="mailto:exarkun@twistedmatrix.com">exarkun@twistedmatrix.com</a> wrote:<br><br></div><blockquote type="cite"><div><span>On 6 Oct, 11:02 pm, <a href="mailto:tobias.oberstein@tavendo.de">tobias.oberstein@tavendo.de</a> wrote:</span><br><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>Personally, I assume root CA private keys of any CA vendor are owned by</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>the NSA anyway.</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>There's no rule that says you have to use a "root CA" signed certificate</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>for your TLS connections.</span><br></blockquote></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Sure, in theory, but there are multiple practical problems when using</span><br></blockquote><blockquote type="cite"><span>self-signed certs or certs signed by a CA not built into browsers. 
As a</span><br></blockquote><blockquote type="cite"><span>starter, here are 3:</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>- enterprise networks might block those right away with no way for the user</span><br></blockquote><blockquote type="cite"><span>to accept self-signed or import alien CA certs</span><br></blockquote><blockquote type="cite"><span>- the user experience is bad: Firefox scares with dialogs and multiple steps</span><br></blockquote><blockquote type="cite"><span>of overcoming those</span><br></blockquote><blockquote type="cite"><span>- with WebSocket, browsers will not even show a dialog! WebSocket are so</span><br></blockquote><blockquote type="cite"><span>called "subresources", and browsers will never render dialogs for these</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>So in practice, I _have_ to use a CA that is built into all major browsers.</span><br></blockquote><span></span><br><span>You're assuming a lot here.  Perhaps TLS is broken for all the uses you're interested in - that doesn't mean it's broken for everyone else's uses.</span><br></div></blockquote><div><br></div><div>Tobias, all of the things you've said here about browser UI, enterprise networks, and key management tooling are true; however, note that none of those nouns are "TLS".</div><div><br></div><div>If you want to fix these problems, two possible options are:</div><div><br></div><div> 1. Write some code that uses TLS (which is a wire protocol, after all, not a trust model or set of trust roots, nor a key management UI) and addresses these issues, by implementing a new trust model, protocol for exchanging trust roots, or key management UI, and selecting appropriate ciphers.</div><div> 2. 
Write some code that uses a brand new wire protocol with unknown, unaudited security properties, <i>also</i> implementing appropriate ciphers, and <i>also</i> implementing all of the things in point 1.</div><div><br></div><div>One of these options seems obviously superior to me :-).</div><div><br></div><div>It doesn't seem to me that re-working the wire protocol of TLS will fix problematic browser behaviors; only patches to the browsers will do that.</div><br><blockquote type="cite"><div><span>*This* is probably now sufficiently off-topic, though...</span><br></div></blockquote><div><br></div>Man, are there some kind of Topic Police everyone is worried about? Do I need to start taking extra precautions when I write to mailing lists? :-)<div><br></div><div>I think this is on-topic enough, since this might inform TLS work with Twisted in the future, and Vertex has been brought under the Twisted umbrella recently, <a href="https://github.com/twisted/vertex">https://github.com/twisted/vertex</a> and it seeks to provide a different trust model with TLS and Twisted.</div><div><br></div><div>(If anyone objects, of course, feel free to say so and we can take this thread elsewhere.)<br><div><br><blockquote type="cite"><div><span>Jean-Paul</span><br><blockquote type="cite"><span>/Tobias</span><br></blockquote><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>Jean-Paul</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>Really, TLS is broken.</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>We need a new scheme. 
For encryption session keys, Diffie-Hellman is</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>available, and provides perfect forward secrecy naturally.</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>For authentication, we need a peer-based system like PGP has, not</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>relying on centrally managed trust.</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>I know. Not going to happen any time soon ..</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>/Tobias</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>_______________________________________________</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>Twisted-Python mailing list</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span><a href="mailto:Twisted-Python@twistedmatrix.com">Twisted-Python@twistedmatrix.com</a></span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span><a 
href="http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python">http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python</a></span><br></blockquote></blockquote></div></blockquote></div></div></body></html>