Why no SSL?

This week, I’d like to start a short series on the social failures of good security on the web, focusing on the disuse of HTTPs, and the absence of good (or – at least – best practice) authentication on the web. This first entry is an attempt to explain why HTTPs is used so infrequently. Last week, I talked about why I think that – even in the absence of strong authentication – HTTPs is still a good system, and should be in general use. However, this is clearly not the case. Why not?

As I pointed out last week, HTTPs actually doesn’t suck, even in the absence of a good authentication framework. Don’t get me wrong, authentication is great. However, authentication is a really hard problem, and one that we certainly haven’t come that close to solving yet.1 In the mean time, there still loads of benefits to using HTTPs, so why is it so rare to see sites using HTTPs by default?

Unauthenticated HTTPs damages the user experience, and user trust. All modern browsers implement the PKI hierarchical trust model, since it’s the current best-practice standard for authentication. Part of this involves giving the user scary and intimidating warnings when visiting HTTPs pages which cannot be authoritatively authenticated. And with good reason: without this step, HTTPs MiM attacks would be much easier to conduct, and likely effective, and prevalent. Any sort of online commercial transaction would be at best impossible, and at worst, wildly insecure.

However, this has significant negative repercussions for deliberately unauthenticated HTTPs. HTTPs warnings are scary and intimidating. If I can’t afford a CA-signed SSL certificate2, but want to use unauthenticated HTTPs anyway, then my users will be presented with a scary security warning when they visit my site, possibly every time they visit my site. That’s right: my users’ browsers will give them scary security warnings if use unauthenticated HTTPs, but not if I use plain old insecure HTTP. As far as the messages users get from their browsers are concerned, unauthenticated HTTPs seems scary and insecure compared to plain old HTTP: a reversal of the actual situation in this context.

No commercial website wants their users to feel insecure, so why use (more secure) unauthenticated HTTPs when (insecure) HTTP avoids any nasty security warnings that make users think about such things?

Next week – Why do so many websites do user authentication so poorly?


1 – When the first step in implementing the current authentication system is: “Identify someone who is trusted by everybody in the world,” you know that there’s still a lot of work to be done on this problem.


2 – Or, if I don’t want to financially support the PKI model; don’t think that a CA‘s signature is valuable for authentication; don’t want to encourage my readers to trust CAs; or for any number of other economic, technical or philosophical reasons don’t think that a CA‘s signature is worth the money.

This entry was originally published on the WWS/COS 586 course blog.

Advertisements

About flamsmark

I do privacy at Mozilla. Years of security have left me incurably paranoid. Tech, policy, security, privacy, & anonymity are good. Open is better. GPG: 80AF07D3
This entry was posted in Essays. Bookmark the permalink.

2 Responses to Why no SSL?

  1. Pingback: House-of-Cards Security « Active Rhetoric

  2. Pingback: Alternative Approaches to Authentication « Active Rhetoric

What're your thoughts?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s