We need to make certs free and deprecate HTTP in favour of HTTPS with AES/TLS

[movieman]

All I need is that the passwords users use to login to a forum or whatever can't be sniffed on their way to the site. And for just that, the browser shouldn't nag the user with "this site is unsafe!!!11" messages.

Yes it should, because anyone who can intercept the traffic can send a fake key and stage a man in the middle attack.

And I absolutely, utterly do not want my web browser to _NOT_ warn me that the key I receive from my bank is not signed, just because you want to be able to avoid having to pay for a certificate for some forum login. I'd immediately dump any browser which allowed unsigned or self-signed certificates without putting up huge warnings.

[locovaca]

Yes it should, because anyone who can intercept the traffic can send a fake key and stage a man in the middle attack.

And I absolutely, utterly do not want my web browser to _NOT_ warn me that the key I receive from my bank is not signed, just because you want to be able to avoid having to pay for a certificate for some forum login. I'd immediately dump any browser which allowed unsigned or self-signed certificates without putting up huge warnings.

What RealNC is proposing isn't in lieu of certificates, but something in addition. Under his system, if your bank tried to give you the "no cert" encryption the browser would not display a padlock/encryption icon at all. It would look as if no encryption was being used at all. The net result is that it behaves exactly as it does today for non-ssl site with the only difference is that some unverifiable encryption is occurring instead of the plaintext passing of data.

I don't particularly think it solves a problem; even if the system were implemented all your ISP has to do is a MITM attack themselves. Data is encrypted to the ISP, decrypted by the ISP, re-encrypted by the ISP and sent on to the destination server. You'd never know the difference unless you did some sort of verification of the SSL key on your own and then we're really back at stage one.

[movieman]

What RealNC is proposing isn't in lieu of certificates, but something in addition. Under his system, if your bank tried to give you the "no cert" encryption the browser would not display a padlock/encryption icon at all.

Because everyone checks a tiny little icon before typing in their banking password.

If I'm trying to use an encrypted connection to my bank and it's not encrypted or it's giving me a bad certificate, I want that in big glowing letters on the screen, not hidden in an icon in the corner.

[baryluk]

TLS-SRP is perfect for online banking. And it doesn't need any certificates.

[RealNC]

Yes it should, because anyone who can intercept the traffic can send a fake key and stage a man in the middle attack.

And I absolutely, utterly do not want my web browser to _NOT_ warn me that the key I receive from my bank is not signed, just because you want to be able to avoid having to pay for a certificate for some forum login. I'd immediately dump any browser which allowed unsigned or self-signed certificates without putting up huge warnings.

You totally, utterly, 100%, missed the point.

[RealNC]

What RealNC is proposing isn't in lieu of certificates, but something in addition. Under his system, if your bank tried to give you the "no cert" encryption the browser would not display a padlock/encryption icon at all. It would look as if no encryption was being used at all. The net result is that it behaves exactly as it does today for non-ssl site with the only difference is that some unverifiable encryption is occurring instead of the plaintext passing of data.

I don't particularly think it solves a problem; even if the system were implemented all your ISP has to do is a MITM attack themselves.

And gain what? My secret thoughts about the latest lolcat picture on icanhascheezburger.com? If someone goes to such lengths to intercept the data and forge keys, you know what, "power" to him. Grats. He just wasted time and effort to intercept something that has virtually zero value.

Yes, if I wanted to encrypt sensitive communication, I would use a real certificate.

[locovaca]

And gain what? My secret thoughts about the latest lolcat picture on icanhascheezburger.com? If someone goes to such lengths to intercept the data and forge keys, you know what, "power" to him. Grats. He just wasted time and effort to intercept something that has virtually zero value.

Yes, if I wanted to encrypt sensitive communication, I would use a real certificate.

I just don't understand what you gain with the alternative encryption method. People who don't care about what you're viewing/sending also won't care if you do it plaintext. People who do care will set up as a MITM. It's as effective as WEP at this point, maybe even lesser so.

[RealNC]

I just don't understand what you gain with the alternative encryption method.

Making sniffing of passwords non-trivial. Still possible if the attacker shows more effort, but not possible by just launching Ethereal and pressing CTRL+F.

[yotambien]

Yeah, big freakin' deal. So someone may hypothetically be able to see what I'm doing, so what? I'm not doing anything illegal, and besides, the ISP and anyone else able to listen in, can easily see that I've been connected to both the newspaper and the porn site even though the content is encrypted. You see, both destination and source is still plain text, making it all somewhat obvious what you're doing. You don't accidentally stumble unto a porn site when you make several follow up requests download dozens MB from it

I think you are failing to see the multiple faces of the privacy problem. Yours is a particularly weak incarnation of the "nothing to hide" argument. Privacy concerns are dismissed, according to this view, either because no law-abiding person should have anything to hide, or because even if under some circumstances there were data one would prefer to keep private, positive effects gained somewhere else outweight minor disturbances caused to some people. I say yours is a particularly weak example because whereas normally it is security what is confronted to privacy--and security concerns are easily exaggerated, taken out of context or simply made up for maximum rethorical impact--you are merely raising technical issues, and apparently not even particularly serious ones.

A quick objection to your position is remembering ourselves that technology is used to solve problems. Redefining, reshaping, or limiting the scope of the problem to better suit existing technology--or worse, to make its deployment simpler--is exactly the opposite of how one should approach it. This is not to say that since I want to enjoy the wonders of time travel I can just stick to my idea and ignore the current state of scientific and technological affairs. But surely just convincing myself that visiting medieval Europe was not such a fun idea after all isn't going to buy me anything either. Rather, I should evaluate the advantages and disadvantages of pursuing this my crazy idea and decide afterwards whether I should invest my energies in pursuing it. I have the feeling that you adopted your position at the precise point in which you noted that raising the online privacy bar as suggested in this thread would impose some strain on the network and its underlying computer system. And I have this feeling because although you name some technical inconveniences--which I'm not ashamed to say that I know nothing about--you then fail to materialize their practical consequences. Are we talking about such a burden that the system would not possibly be able to cope? About a substantial increase in costs that would ultimately be passed onto, and felt by, everybody? Or perhaps about a minor extra load that would largely pass unnoticed? On the other side of the equation, have you considered the privacy implications of having a mostly plain text internet? Where you live, knowing the newspapers you read may not be particularly important (although I'd challenge this idea), but surely that doesn't apply everywhere. If you consider the possibilities that complex data mining techniques offer in terms of unearthing patterns, linking seemingly unimportant and uncorrelated data, and their use by (undisclosed) third parties, you then start to gain a sense of how big a problem this is.

Having said that, a more fundamental and solid argument, which doesn't merely attack the particular position that happens to be sustained against privacy (as I did) is given in the following article:

http://papers.ssrn.com/sol3/papers.c...ract_id=998565

which counters from the onset the restrictions that a "nothing to hide" position brings to the debate. I recommend it, but I didn't rehearse it here for the author can surely make a better job than me at presenting his views.