[paramiko] www.lag.net server issue?

Robey Pointer robey at lag.net
Sat Mar 22 14:23:36 PDT 2008


On 18 Feb 2008, at 22:02, Dwayne C. Litzenberger wrote:

> On Sun, Feb 17, 2008 at 04:21:38PM -0800, Robey Pointer wrote:
>>> Fetching failed:: peer certificate cannot be authenticated with known
>>> CA certificates
>>
>> Another good example of why SSH is a superior protocol to SSL. I'm not
>> going to pay thousands of dollars to a financial corporation just to
>> have the "right kind" of cert. Therefore self-signed certs are a fact
>> of life, and all these SSL clients complaining about them just make
>> SSL look confusing to end users.
>
> Robey,
>
> For somebody browsing on an open wi-fi network---particularly someone who
> has never visited www.lag.net before---the "right kind" of SSL certs
> provide a useful service: They make it much more difficult for an attacker
> on the local wireless LAN to substitute your software with a modified
> version, and they would make it possible to bootstrap trust for your public
> GPG key.  In this use case, self-signed certificates are just as useful as
> the practice of _not_ checking SSH host keys: They provide a false sense of
> security, and completely fail to address the bootstrapping problem.

Sorry for the late reply. Unfortunately because of the cost issue,  
self-signed certs need to be presented to the user, and need to be  
cached by the browser. Not doing so makes SSL operate worse than SSH,  
since SSH *does* present the key to the user and cache it. I realize  
that SSL is trying to enforce security through a hierarchy of cash  
registers, but it's just not a practical solution for casual users  
(like me).


> If you shop around, you can get an annual SSL cert for less than US$100
> (http://www.rapidssl.com/ currently advertises US$69/year).

I did actually look at some of the sites offering free certs, but none  
of them appeared to be listed in my browser's CA list, which would  
seem to take away some of the usefulness.


> As the maintainer of an important cryptography library, you should be
> providing _some_ means for end-users and distributors to verify that the
> software they download is the same software you release.

I do give MD5s, but you're right, signing would be better. I will make  
a note to post GPG signatures with the next release.

I'm moderately surprised that you're the first person to point this  
out, since it seems like an obvious gap in retrospect. :)

robey
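
The present-and-cache behaviour discussed in this message, sketched as an added example that is not part of the original e-mail or of paramiko: the `PinStore` class, the file name and the host are hypothetical, and the certificate bytes are constructed stand-ins. The `new` result is the unauthenticated first contact that the quoted reply calls the bootstrapping problem.

```python
import hashlib
import json
import os
import tempfile


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, hex encoded."""
    return hashlib.sha256(der_cert).hexdigest()


class PinStore:
    """known_hosts-style cache: one pinned fingerprint per host:port."""

    def __init__(self, path):
        self.path = path
        self.pins = {}
        if os.path.exists(path):
            with open(path) as fh:
                self.pins = json.load(fh)

    def check(self, host, port, der_cert):
        """Return 'new', 'match' or 'changed'; never modifies the store."""
        pinned = self.pins.get(f"{host}:{port}")
        if pinned is None:
            return "new"      # first contact: nothing to compare against
        if pinned == fingerprint(der_cert):
            return "match"
        return "changed"      # interception or a legitimate re-key: stop and ask

    def accept(self, host, port, der_cert):
        """Pin only after the user has confirmed the fingerprint out of band."""
        self.pins[f"{host}:{port}"] = fingerprint(der_cert)
        with open(self.path, "w") as fh:
            json.dump(self.pins, fh, indent=2)


def demo():
    # Constructed stand-ins for DER certificates (not real certificates).
    original = b"constructed-self-signed-cert-A"
    substitute = b"constructed-self-signed-cert-B"
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "known_certs.json")
        store = PinStore(path)
        results = [store.check("www.example.test", 443, original)]
        store.accept("www.example.test", 443, original)
        later = PinStore(path)  # a later session reloads the cache from disk
        results.append(later.check("www.example.test", 443, original))
        results.append(later.check("www.example.test", 443, substitute))
        return results
```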



