NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Authenticating Hosts Via Self-Signed Certificates (New CMU Tool)

        Authenticating Hosts Via Self-Signed Certificates (New CMU Tool)


Greetings.  I have strongly argued for the expanded use of
self-signed security certificates, and against the multiple alarming
hoops that Firefox 3 now puts in the way of their use 
( http://lauren.vortex.com/archive/000402.html ).  I consider
self-signed certificates to be an extremely valuable mechanism
toward the deployment of pervasive Internet encryption, despite
their native inability to provide host authentication in the manner
of (usually commercial) certificates signed by traditional external
authentication entities.

So I'm especially pleased to learn of a new tool -- "Perspectives" --
from CMU, that may offer a means to provide a very useful level of
host authentication while still permitting the use of free
self-signed certificates ( http://www.cs.cmu.edu/~perspectives ).

If you're interested in security and the wider adoption of
encryption as a default state on the Net, you might wish to explore
this development.  I'd be interested in hearing your opinions
regarding the techniques described, both pro and con.  Thanks.

Lauren Weinstein
lauren@vortex.com or lauren@pfir.org 
Tel: +1 (818) 225-2800
Co-Founder, PFIR
   - People For Internet Responsibility - http://www.pfir.org 
Co-Founder, NNSquad 
   - Network Neutrality Squad - http://www.nnsquad.org
Founder, PRIVACY Forum - http://www.vortex.com 
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com