SSL fix aims to mend huge cracks in ‘Net’s foundation of trust


    Open-source software developer Kai Engert has proposed an overhaul to the Internet’s SSL authentication system, aiming to minimize the damage that would result from the compromise of one of the authorities trusted by major browsers.

    Under version 2 (PDF) of Engert’s Mutually Endorsing CA Infrastructure proposal, people connecting to Google Mail, Twitter and other sites protected by SSL would draw on one of three randomly selected notaries to verify that the digital credential being presented is valid. By comparing the SSL certificate’s contents to data contained in the voucher returned by the notary, the person’s Web browser or e-mail program could quickly spot credentials that have been forged, even when they’ve been signed using the private key of a legitimate certificate authority. The notaries—or “voucher authorities” as they’re called—would be made up of existing CAs.

    Read the rest of this article...

    Read the comments on this post

    View article:
    SSL fix aims to mend huge cracks in ‘Net’s foundation of trust


    Please enter your comment!
    Please enter your name here


    This site uses Akismet to reduce spam. Learn how your comment data is processed.