August 14, 2008

Authenticating Hosts Via Self-Signed Certificates (New CMU Tool)

Greetings. I have strongly argued for the expanded use of self-signed security certificates, and against the multiple alarming hoops that Firefox 3 now puts in the way of their use. I consider self-signed certificates to be an extremely valuable mechanism toward the deployment of pervasive Internet encryption, despite their native inability to provide host authentication in the manner of (usually commercial) certificates signed by traditional external authentication entities.

So I'm especially pleased to learn of a new tool -- "Perspectives" -- from CMU, that may offer a means to provide a very useful level of host authentication while still permitting the use of free self-signed certificates.

If you're interested in security and the wider adoption of encryption as a default state on the Net, you might wish to explore this development. I'd be interested in hearing your opinions regarding the techniques described, both pro and con. Thanks.

--Lauren--

Posted by Lauren at August 14, 2008 10:07 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein