

Proof-of-concept public key authentication for web users - jlind
http://toolchain.eu/verifypoc/poc

======
viraptor
How is that different from client certificate authentication? It seems strange
that solution is not mentioned at all.

~~~
redxaxder
More info on client SSL certificates:

[http://www.gnegg.ch/2008/05/why-is-nobody-using-ssl-
client-c...](http://www.gnegg.ch/2008/05/why-is-nobody-using-ssl-client-
certificates/)

~~~
Groxx
I've been saying it to a lot of people for quite a while, but that's a very
nice example: client certificates, OpenID, PGP, and a host of extremely-useful
systems like those aren't hard because they're inherently hard. They're hard
because their presentations are _absolute crap_.

Take OpenID for example. I've encountered a bajillion nay-sayers, "it's too
complicated" this and "too many steps for the user" that. So what's "sign in
with Facebook" if not a better presentation of the _exact same idea_? And
_how_ many people have no problem using it every day?

To have a security revolution, we need to have a security _software_
revolution. The tech exists for the _vast_ majority of problems, we just need
to use it.

~~~
regularfry
Agreed. Even server-side, the software is awful - setting up a root-CA-signed
certificate chain with the OpenSSL command-line tools (and java's keytool) is
an absolute nightmare. Apart from anything else, it's astonishingly difficult
to tell when you've got it right, and by extension, it's astonishingly
difficult to tell when you've got it subtly (or not so subtly) wrong. This has
nothing to do with the principles at play, and everything to do with how the
information is presented.

------
dekz
So you either require the user to somehow sync a private key across multiple
computers (Including phones and tablets) or the can't access the site with
this method. Do you agree on the digest, method, sizes? Do you blacklist md5,
sha1? Does everyone agree to this or can I go to one site which uses an
insecure algorithm and theres the potential for information to be leaked,
which affects my usage of that private key on other websites. Do I have a
private key for each different website? Do I then need something to manage
this for me, ala KeyPass or 1Password? How do I authenticate with KeyPass or
1Password, with a password? We're back to where we started.

I don't think PKI is the solution for this problem.

BrowserID is moving in the right direction, I can trust Google to have
appropriate security for my personal information, but as we've seen time and
time again sites like gawker, mtgox cannot be. It would be nice to see a
service like BrowserID catch on and I'd be willing to pay for a vendor for the
service if they provide full disclosure on their method storing of my data. So
I know they aren't storing in plaintext, hashing with md5, encrypting the
passwords etc.

~~~
pavel_lishin
Haven't all of your questions basically been answered in practice by the fact
that keys are simple and effective when used to log in over ssh? Do you have a
different private key per each server you log into, does a compromised server
automatically render your keypair worthless, do you have software to handle
keys now?

Haven't your arguments been refuted by the simple fact that people use
keypairs every day to log into servers easily and securely? The last time I
had to type an account's password was when I had to run "sudo" on a test
server.

~~~
tptacek
The first time you log into an SSH server, your connection is actually
insecure (this is also true of every subsequent time you log in and see that
yes/no dialog).

~~~
cosgroveb
Is there any way to be sure of an server's ssh fingerprint before logging in?
You need to do that offline right? Maybe a PGP signed e-mail from the
sysadmin?

~~~
tptacek
That's exactly the kind of thing you're supposed to do to verify those keys.

(I don't either).

This is a much bigger deal in a web setting, though.

------
thwarted
I've been experimenting with something similar over the past couple of weeks,
at the HTTP auth level (as that's my use case), although I don't have browser
integration yet as I'm still working on interfacing to ssh-agent (also, insert
standard lack-of-time excuse here).

I've been experimenting with SSL client certs for a while. They don't have a
decent UX/UI in any browser I've used (redxaxder provides a link in another
thread) and are a significant hurdle to general adoption. We could maybe see
significant process in this area if some well known, popular site, like
Facebook or gmail, supported SSL client certificate authentication.

We need to see more work in this area.

------
a3_nm
What we need is a public key authentication scheme with the possibility for
normal users to delegate their identity to some trusted third party to which
they hand their public key (like with OpenID). I think this would be the best
of both worlds: normal users get a seamless experience, and nerds have total
control over their identity without even needing to, say, own a domain name
and trust DNS.

~~~
markkum
This is exactly what we are building here; <https://www.mepin.com> The private
key is generated and stored in a smarphone or separate USB smartcard, so that
normal users don't have to manage their private keys.

~~~
a3_nm
I was thinking of a standard. From your website, it seems that you are
developing a product.

