Solution to the man in the middle and faked certificates?

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#1 Post by nooby »

A suggestion from the "Perspectives Project" for the man in the middle and faked certificates security problem?

http://perspectives-project.org/
The root of the problem is that with the CA model, browsers blindly trust
a group of 600+ corporate and government parties (ref) to validate SSL certificates.
You as a web browser user have little or no choice about who to trust
and essentially no visibility into whether these organizations deserve your trust.

How Perspectives Helps

Perspectives takes a different approach to how the web browser determines if an SSL certificate is valid.
Instead of requiring browser users to trust an anointed group of certificate authorities,
Perspectives gives users the ability to pick a group they trust (e.g., the EFF, Google, their company, their university, their group of friends, etc.) and trust no one else.


I have not read the rest of the text. I doubt they do this for free, so maybe it is only for companies and rich people?

But could not Linux, as a body of caring people, make their own list of such trusted certificates?
I use Google Search on Puppy Forum
not an ideal solution though
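
Added example (not part of the original post, and not the Perspectives project's own code): a simplified sketch of the idea quoted above, where a certificate is accepted only if enough notaries the user picked report having seen the same one. The notary names, the quorum of 2 and the data layout are assumptions, and the certificates are constructed placeholder bytes.

```python
import hashlib
import hmac


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(cert_der).hexdigest()


def notary_verdict(presented_der, observations, trusted, quorum):
    """Accept only if at least `quorum` user-chosen notaries saw the same certificate.

    observations maps notary name -> fingerprint that notary saw for the host,
    or None if the notary could not be reached. Notaries outside `trusted`
    are never consulted ("trust no one else").
    """
    presented = fingerprint(presented_der)
    agree, disagree, silent = [], [], []
    for name in trusted:
        seen = observations.get(name)
        if seen is None:
            silent.append(name)      # no answer is not a vote, so this fails closed
        elif hmac.compare_digest(seen, presented):
            agree.append(name)
        else:
            disagree.append(name)    # notary saw a different certificate
    return {"accept": len(agree) >= quorum, "agree": agree,
            "disagree": disagree, "silent": silent}


# Constructed sample data (hypothetical notaries, placeholder certificate bytes).
GENUINE = b"constructed bytes standing in for the site's real certificate"
FORGED = b"constructed bytes standing in for an interceptor's certificate"
TRUSTED = ["eff-notary", "university-notary", "friends-notary"]
OBSERVATIONS = {
    "eff-notary": fingerprint(GENUINE),
    "university-notary": fingerprint(GENUINE),
    "friends-notary": None,                    # unreachable
    "unknown-notary": fingerprint(FORGED),     # not chosen by the user, ignored
}

if __name__ == "__main__":
    for label, cert in (("genuine", GENUINE), ("forged", FORGED)):
        print(label, notary_verdict(cert, OBSERVATIONS, TRUSTED, quorum=2))
```

A certificate swapped in on the user's own network path is rejected here because the chosen notaries, looking from elsewhere, still report the genuine one.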

#2 Post by nooby »

I've read around the internet but I am a lousy reader.
Found a Swedish text, most likely just translated from IDG News.
Maybe from PCWorld or something like that.

It says that Mozilla has updated the browser to help with the Comodo and DigiNotar certificates. But commentators say one can do it manually in Firefox by going to Edit > Preferences > Advanced > Encryption > View Certificates and there take away the Comodo and the DigiNotar.

Is that safe to do? Can anybody explain what I am supposed to do?

I edited the picture; now you should be able to see two of the compromised ones, Comodo and DigiNotar.
Attachments
certificates.jpg
Comodo and DigiNotar. What am I supposed to do?