NNSquad - Network Neutrality Squad
[ NNSquad ] Authenticating Hosts Via Self-Signed Certificates (New CMU Tool)
Authenticating Hosts Via Self-Signed Certificates (New CMU Tool)
http://lauren.vortex.com/archive/000414.html
Greetings. I have strongly argued for the expanded use of
self-signed security certificates, and against the multiple alarming
hoops that Firefox 3 now puts in the way of their use
( http://lauren.vortex.com/archive/000402.html ). I consider
self-signed certificates to be an extremely valuable mechanism
toward the deployment of pervasive Internet encryption, despite
their native inability to provide host authentication in the manner
of (usually commercial) certificates signed by traditional external
authentication entities.
So I'm especially pleased to learn of a new tool -- "Perspectives" --
from CMU, that may offer a means to provide a very useful level of
host authentication while still permitting the use of free
self-signed certificates ( http://www.cs.cmu.edu/~perspectives ).
If you're interested in security and the wider adoption of
encryption as a default state on the Net, you might wish to explore
this development. I'd be interested in hearing your opinions
regarding the techniques described, both pro and con. Thanks.
--Lauren--
Lauren Weinstein
lauren@vortex.com or lauren@pfir.org
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
- People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
- Network Neutrality Squad - http://www.nnsquad.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com