
Convergence, distributed, secure strategy replacing certificate authorities - 0x12
http://www.convergence.io/
======
jtdowney
Moxie Marlinspike is the creator of Convergence. I highly recommend watching
his Blackhat 2011 talk (<http://www.youtube.com/watch?v=Z7Wl2FW2TcA>) covering
authenticity on the web and Convergence.

~~~
derrida
Doubly recommended. Moxie Marlinspike is a great communicator and I suspect
watching that talk will answer many questions people are likely to have.

------
derrida
Here is a link to a previous discussion on HN about Convergence, with some
contributions by Moxie Marlinspike, the creator.
<http://news.ycombinator.com/item?id=2949199>

------
mike-cardwell
The problems of certificate forgery and CA's that are too big to fail, can be
fixed by extending the current system, to require certificates to be signed by
multiple CA's, who do not fall under the same jurisdiction or influences. I
wrote about this idea yesterday:

[https://grepular.com/Solving_the_SSL_CA_Debacle_Using_Multi-...](https://grepular.com/Solving_the_SSL_CA_Debacle_Using_Multi-
Signed_Certs)

~~~
marshray
N-of-M and co/countersigning schemes have been around forever. The problem
isn't a lack of ideas or technical tools to fix it.

The problem is that the industry prefers it the way it is.

------
IgorPartola
Isn't a better long-term solution to simply have DNSSEC distribute your site's
public key? The idea that I have to buy a domain name _and_ an SSL certificate
is silly. For extended validation, what should be verified is your public key,
not your domain. So if the public key is also signed by a number of CAs, it is
considered valid.

~~~
dmm
But how do I know which DNS servers to trust?

~~~
kogir
The ones with signatures that check out. That's the SEC part of DNSSEC. The
root key(s) are published and you can verify authenticity all the way down.

------
sjs382
"Convergence, distributed, secure strategy replacing certificate authorities
_for users of Firefox_ "

~~~
derrida
New project. Get involved on GitHub. Write the Safari/Chrome version. Until
browsers ship this with their main product, users will have to install plug-
ins.

~~~
StavrosK
Won't writing a plugin for one of Safari, Chrome or Opera mean that it can be
used with the other two browsers? I think they all use the same plugin
standard.

~~~
sp332
I don't think so. Even though Safari and Chrome both use webkit, Chrome has a
very different security model and API. Opera might be completely different.

~~~
StavrosK
I've ported a Chrome extension to Safari trivially, I think Opera is much the
same...

------
fab13n
One of the main security risks is social engineering.

The only reason why my mum won't be tricked into adding a rogue CA root is
because it's too complicated to do for her, even if she wanted to.

* If it was as easy as installing a fake Flash plugin Trojan, she'd have installed plenty of rogue CAs already; * If it remains hard to do, she'll stick to the default config, which is what she does already.

So, the main change wrt the current PKI system is that by default, her browser
would probably check a certificate validity against a couple of top
authorities, rather than a single one. I guess it would make getting a
certificate a couple of times more complicated, hence a couple of times more
expensive (if the process of trust propagation is fully automated, then I'm no
safer than with a single CA signature).

To sum up, I don't see how this would improve the situation for average Joes
and Janes. Since Paypal, Amazon, Google etc. primarily care about average
Joes, I don't see why they would adopt that kind of cyberpunk technology.

~~~
marshray
Google cares that governments aren't man-in-the-middling their web browser
when talking to their online services.

That's how the DigiNotar breach was publicly disclosed. The browser/CA CAB
forum knew about it and had been hiding it for weeks until an actual Chrome
user posted a message in the Gmail support forum:
[https://www.google.com/support/forum/p/gmail/thread?tid=2da6...](https://www.google.com/support/forum/p/gmail/thread?tid=2da6158b094b225a&hl=en)

~~~
0x12
> The browser/CA CAB forum knew about it and had been hiding it for weeks

That's really criminal.

~~~
mypov
.. which perhaps calls for collectively mette punishment.

------
jvandonsel
Stupid question on Convergence: If I could intercept ALL the traffic from your
local network, couldn't I still perform a MITM attack by simulating both the
destination host and the notary?

------
Egregore
What is the target user group of this project?

I like the idea, but I know too few people who will really start using it.

~~~
wladimir
_What is the target user group of this project?_

People that value their internet security and are disappointed by the current
SSL trust system.

I'm sure it will have to see a lot of testing by interested power users first,
before it is ready for prime time / default integration into browsers.

Nevertheless, I think it is a very interesting development as it is much more
realistic than the current trust system. Trust is no longer something
absolute, eternal, dealt out by somehow globally fully trusted entities.

~~~
Egregore
How many such people you know personally? And have they started using the
system?

~~~
wladimir
I don't see how that is important. This is not a popularity contest.

