[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: BofA+Netscape



-----BEGIN PGP SIGNED MESSAGE-----

>	It my personal feeling that Netscape doesn't have the right
>talent mix to develop secure software.  For example, they may well get
>the RSA parts right, and then store the passphrase in a text file,
>'for ease of use.'  The RSA is secure, but the system is not secure if
>usnauthorized people using your machine is a possibility.
>
>	Writing secure software is a difficult and tricky buisness
>that requires a lot of effort; early versions of Mosaic had problems.
>
>	Netscape really needs to develop a threat model that allows
>them to assess the severity of potential problems.  It is my guess
>that they have not done so, although, I'd be pleased to hear I'm
>wrong.
>
>	Everyone's favorite company, First Virtual, seems to have
>developed a threat model that allows them to offload allmost all risk
>and security problems to their customers.  It may not be a good
>solution, but at least they have considered how the security of their
>system intersects the real world.  Just integrating RSA does not do
>that.

This intrigued me, so I checked it out.  I didn't see anything about a 
threat model, but they did have some extensive discussion about their 
security, including things I found interesting...

They call their system "Secure Sockets Layer" (SSL), which appears to be 
a kind of link-level encryption which they layer below HTTP.  This is 
opposed to SHTTP, which is more MIME-like.  They don't seem to think much 
of SHTTP; their FAQ answers the question "Are there other secure browsers 
available?" with "Nope; no one else uses SSL at this time." (paraphrased)
What's interesting is that they're planning to put NNTP, FTP, etc. on top 
of SSL as well, allowing for "secure FTP" and "secure news", etc.

SSL is supposedly an open standard, and Netscape is pressing for it to 
become a true standard.  Apparently, they've even issued an RFC for it.  
The full text of the SSL protocol is on their Web site.

As for technical issues, they aren't very satisfactory concerning the 
kind of questions Adam raised; it's mostly about RC4 layered on top of 
RSA and MD5 hashes sent at this time, etc...  The SSL spec contains a 
section on attacks which seems elementary even to my novice mind.

Is there interest in posting the spec?  It's in RFC format, but hasn't 
even been assigned a number yet, so it doesn't appear to be uncopyable, 
as it were.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLuiwnjER5KvPRd0NAQGBNAP+PpTRHhzVq+ogPkCUP4vBSYG9ooOnSVOi
tOaG+4zQYJa7iPBP11/aODYM9JjlNr8zGBDfKr1SzOI7ntg59C8/aGscc5XvJh5I
wE2TxHOqA+OE+AtSy4jDE09yVG/TUZuO69Ig5+v/xJy+XU1nspUoJ02mi5EQo/59
Qq1nDoeKpoE=
=vBg6
-----END PGP SIGNATURE-----