[Pkg-mozext-maintainers] replacing Perspectives extension with Convergence?
Vagrant Cascadian
vagrant at debian.org
Mon Sep 12 17:04:06 UTC 2011
On Mon, Sep 12, 2011 at 10:12:58AM -0400, Daniel Kahn Gillmor wrote:
> On 09/09/2011 09:01 AM, Paul Wise wrote:
>
> > Based on Moxie Marlinspike's talk about SSL at the BlackHat security
> > conference, in which he mentions the Perspectives extension and the
> > issues that it has, I think we should remove the Perspectives extension
> > from Debian and encourage users to switch to the Convergence plugin that
> > Moxie wrote.
>
> i haven't audited moxie's code, but if his presentation is accurate in
> how it describes the way that Convergence works, i agree that it makes
> more sense to have Convergence than Perspectives in the debian archive.
i've already got it packaged and largely ready to upload, was waiting on some
copyright & license clarifications from moxie. the server components were
definitely a little easier to package than the perspectives server components.
i'll file an ITP to talk about it.
> We could keep both, of course, but i suspect that (for the near future
> anyway) Convergence will be better-maintained and will provide a better
> user experience for most users. And i wouldn't want users to try to use
> them both.
convergence and perspectives don't play nicely with each other, in my brief
testing (perspectives seemed to check the wrong cert when both were enabled).
> My main concern with Convergence is that given the default notary model,
> it does not protect users at all against snooping/infiltration based on
> a server-specific attack (e.g. BGP injection, or simply placing a
> second, faster machine on the same network segment as the target server
> and arpspoofing the target machine, or even taking the server down and
> replacing it with an identically-configured machine).
>
> However, Perspectives doesn't defend against these attacks at all -- it
> just relies on the existing, already-broken X.509 CA cartel
> infrastructure to protect against these kinds of attacks. The difference
> is that Convergence explicitly rejects all X.509 certification and
> relies instead on its notaries.
>
> With an improved notary arrangement (i haven't thought through the
> details yet), Convergence could maybe take some steps to address this
> remaining gap.
you can design notaries that use whatever verification model you want.
a concern with convergence is that it caches the certificate with no sort of
expiry (essentially a "Trust On First Use" + notary verification model), but i
suspect that's fixable.
live well,
vagrant
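
The caching concern raised in the message above, as an added example that is not part of the original post and is not Convergence's code: a simplified model of a fingerprint cache backed by notary votes, run once with no expiry and once with a TTL. `PinCache`, `demo`, the quorum of 2, the one-hour TTL, and the host and certificate bytes are all hypothetical, constructed values.

```python
import hashlib
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple


def fingerprint(cert_der: bytes) -> str:
    return hashlib.sha256(cert_der).hexdigest()


@dataclass
class PinCache:
    """Hypothetical client-side cache; ttl=None models 'no sort of expiry'."""
    notaries: List[Callable[[str, str], bool]]  # (host, fingerprint) -> bool
    quorum: int
    ttl: Optional[float] = None
    clock: Callable[[], float] = time.time
    _pins: Dict[str, Tuple[str, float]] = field(default_factory=dict)

    def check(self, host: str, cert_der: bytes) -> str:
        fp, now = fingerprint(cert_der), self.clock()
        pin = self._pins.get(host)
        if pin is not None:
            cached_fp, stored_at = pin
            if self.ttl is not None and now - stored_at >= self.ttl:
                del self._pins[host]      # expired: force a fresh notary check
            elif cached_fp == fp:
                return "cache-hit"        # trusted without asking any notary
        votes = sum(1 for notary in self.notaries if notary(host, fp))
        if votes >= self.quorum:
            self._pins[host] = (fp, now)
            return "notary-ok"
        return "rejected"


def demo() -> List[Tuple[str, str]]:
    # Constructed data: what the three simulated notaries currently observe.
    observed = {"example.test": fingerprint(b"constructed-cert-A")}
    notaries = [lambda h, fp: observed.get(h) == fp] * 3
    now = [0.0]
    forever = PinCache(notaries, quorum=2, ttl=None, clock=lambda: now[0])
    expiring = PinCache(notaries, quorum=2, ttl=3600.0, clock=lambda: now[0])
    cert_a = b"constructed-cert-A"
    first = (forever.check("example.test", cert_a), expiring.check("example.test", cert_a))
    # Two hours later the notaries see a different certificate for the host.
    observed["example.test"] = fingerprint(b"constructed-cert-B")
    now[0] = 7200.0
    later = (forever.check("example.test", cert_a), expiring.check("example.test", cert_a))
    return [first, later]
```

In the second round the no-expiry cache keeps answering from its stored fingerprint, while the expiring cache goes back to the notaries and rejects the certificate they no longer vouch for.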