The worst idea ever for encrypted communications

As the original poster writes, this is just the most alarming internet proposal. This is just a draft but if it ever comes to see the light as a real standard, you can count me out of the internet.

It’s really worrying too see proposals like this and the implications it has to security and privacy of communications.

I, for one, would never accept such a communication channel. If it’s hard trusting your own computers, imagine trusting several intermediate hosts that can decrypt (and modify), the information that goes by a medium that was designed to be encrypted from point to point with no intermediate actors. In fact there is an attack vector known as man-in-the-middle, and with this proposal it is being standardized. Now you can say goodbye to privacy and security on the internet.

security user experience

How to enhance user security on internet

Reading the post linked in the title, I remembered something I’ve been thinking some time ago. If sites enabled authentication and authorization with client certificates, they would be more secure. Also people would be less exposed to phishing attacks (read: none at all), because fake sites would not validate the server information present in the client certificate.

The main reason would be what the article states. Certificate management in the browser is not a first class citizen. It’s more than complicated for common users to get to the certificates management dialog, and don’t get me started with importing, exporting and the different formats available.

If browsers give certificate management a first level menu option or a direct action button, with simple wording understandable by the average user, maybe things would start changing. Then, people can be educated and introduced to client certificates and their benefits.

Even here in Spain is not uncommon to use them. Inside the latest version of the ID card issued by the government (a smart card), is a client certificate used to connect to government websites to make bureaucratic stuff online, connecting to your bank account, and some other partnering sites. But, the setup in the browser is very complicated and not many people end using it. You need the JRE plugin and then allow the installation of all the Java applets needed to let the website authenticate with the client certificate. It’s not what I would call the best user experience.

By the way, if you haven’t noticed, the post is from 2008, that is, almost four years have passed and in that time, certificate management has not changed at all in browsers. Even more time, as the dialogs were already present with the same format long before that date.