Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Why don't we have P2P based CA or SSL fingerprint consensus?
5 points by rubyfan on Feb 24, 2015 | hide | past | favorite | 7 comments
How the hell are normal people to validate an SSL fingerprint? Could any one of us really spot the man-in-the-middle attack?

Why doesn't something like a P2P consensus protocol or blockchain facilitate certificate authority or even more simply validating SSL fingerprints?



That's a fair question but how do you stop a powerful adversary from flooding it with false information or how do you protect the consensus system from being MitM-ed, more SSL?

Plus one could argue that a P2P consensus system would be a massive breach of people's privacy. Do you really want everyone upstream knowing what sites you're visiting even if it is just at the domain level?

My point is that while this problem is both true and easy to quantify, a solution would wind up being almost as complex as SSL itself. And it seems like a drop in the bucket when DNS remains insecure, SMTP is still highly common, and HTTP (i.e. not HTTPS) is widespread.

That all being said, if someone developed this as e.g. a Chrome Extension, I'd consider installing it as long as some privacy guarantees were in place.


Great points, I'd view privacy to be a key ingredient to make something like this work. I don't like built in phishing protection browser capabilities for this same reason.

Also great points about being a drop in the bucket... I asked a similar question tonight "Ask HN: Why don't companies sign email the way we do with HTTPS?" https://news.ycombinator.com/item?id=9098079

It seems even the basic security measures we think are "good" really have no acceptable level of traceability, wide-spread visibility or audibility.


Definitely Superfish inspired some thinking on this topic but I do understand that a compromised system is compromised so better CA or external consensus does nothing there.

Even still, I'm not totally convinced browsers will spot the MITMs so I don't have to. However, having many-many individual web browsers tracking and sharing SSL fingerprints to potentially provide consensus as well as some history and traceability I believe would be a needed public service.


I'm still unclear on why Superfish motivates this stuff, since virtually nothing you can come up with to strengthen TLS trust trumps an adversary who images your machine.


http://perspectives-project.org/ http://www.convergence.io/


I wish convergence was still actively developed. It seemed like a really cool idea.


The browser spots MITMs so you don't have to. (If you're thinking about Superfish, no system can protect you against that same system being compromised.)




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: