headers
Chris Salter | 17 Jun 2012 18:49

Re: https - hopefully not too stupid a question

On 17/06/2012 07:48, Alec Muffett wrote:
> MITM can sometimes be found out nowadays because a small number of
> people are running technologies like Convergence
> (See:http://www.youtube.com/watch?v=Z7Wl2FW2TcA  - I consider this a
> must-see video for the perspective it imparts) which eschews the
> trust model of Certificate Authorities in favour of a real-time check
> that the certificate you see for GMail in the UK is the same as is
> presented in the USA, Canada, Finland, Russia, Brazil…  i.e.: that
> nobody is lying to you without lying to them as well.

Many many thanks for that; video definitely a 'must-see'! Well worth 48 
minutes of anyone's time.

Regards to All,

Chris

--

-- 
Chris Salter
http://www.originalthinktank.org.uk/
http://www.post-polio.org.uk/
Permalink | Reply |
headers
Peter Fairbrother | 17 Jun 2012 23:32
Picon
Favicon

Re: https - hopefully not too stupid a question

Chris Salter wrote:
> On 17/06/2012 07:48, Alec Muffett wrote:
>> MITM can sometimes be found out nowadays because a small number of
>> people are running technologies like Convergence
>> (See:http://www.youtube.com/watch?v=Z7Wl2FW2TcA  - I consider this a
>> must-see video for the perspective it imparts) which eschews the
>> trust model of Certificate Authorities in favour of a real-time check
>> that the certificate you see for GMail in the UK is the same as is
>> presented in the USA, Canada, Finland, Russia, Brazil…  i.e.: that
>> nobody is lying to you without lying to them as well.
> 
> Many many thanks for that; video definitely a 'must-see'! Well worth 48 
> minutes of anyone's time.

For the first 38 minutes, very much so.

After that he start promoting his solution, which afaict doesn't 
actually work - but he does seem to have a much better grasp of the 
problem than most.

The idea of consulting your chosen authority, rather than those 
hardwired into your web browser,  ... well. maybe. Or maybe not.  It 
does seem attractive.

At least it's different, but is it actually any better?

-- Peter Fairbrother
Permalink | Reply |
headers
Alec Muffett | 17 Jun 2012 23:38
Picon
Gravatar

Re: https - hopefully not too stupid a question


On 17 Jun 2012, at 22:32, Peter Fairbrother wrote:

> At least it's different, but is it actually any better?

I use the word "complementary".

	-a
Permalink | Reply |
headers
Peter Fairbrother | 17 Jun 2012 23:58
Picon
Favicon

Re: https - hopefully not too stupid a question

Alec Muffett wrote:
> On 17 Jun 2012, at 22:32, Peter Fairbrother wrote:
> 
>> At least it's different, but is it actually any better?
> 
> I use the word "complementary".
>
> 

Well yes, but any kind of "you can use it alongside the regular method" 
method should work just fine on it's own.

:)
Permalink | Reply |

Gmane