Ed Snowdon spoke yesterday at the SXSW conference on the importance of using encryption to keep the data the runs our businesses (and personal life) safe. I refresh the call to eliminate the scary warning that browsers give when using a self-signed encryption key. It does not make anyone safer, and stands in the way of regular usage of HTTPS.
The solution is to use cryptography to keep data secure. Snowdon talked about full disk encryption as being critical. He cited the example of Google Mail when it switched everyone to HTTPS as a prime example of simple actions that make everyone more secure. Simply by encrypting the HTTP will prevent many potential problems, but there is a design flaw of modern browsers that make this difficult: the scary self-signed warning.
In October 2011 I made a post called “The Anti-SSL Conspiracy” where I outline this particular problem common that still exists today. For review, there are essentially three levels of secure HTTP:
- Completely unencrypted – all text is readable on every computer the data is routed through, and you can not guarantee the identity of the server;
- Self Signed – data is encrypted and guaranteed private, but the certificate is not signed by an authority so you can’t guarantee the identity of the server;
- Signed by a Signature Authority – the certificate was purchased from one of the well known “trusted” companies who make some assurance about the identity of the server.
These provide increasing value in the order they are listed. What is surprising is that Mozilla, Chrome, and Internet Explorer (IE) all present a scary warning for the middle option. Before the page is displayed, it displays a large, red, warning that the signature of the site is not valid, and gives you the options of “Go ahead (not recommended)” and “Get me out of here”
The irony is that neither of the first two cases guarantee the identity of the server! For unencrypted traffic, the browser delivers the results without a warning. Even though the self-signed is more secure, the browser displays a warning scaring people away from it.
To get people to use a self signed server, you have to include special instructions to “ignore” the scary warning, go ahead an do what the browsers clearly does not recommend.
It gets worse: the Java libraries throw an exception when attempting to access such a site. To allow access with Java, you have to hack around the library. I document that in a different post: “Working Around Java’s SSL Limitations.”
Why Go Self-Signed?
Setting a server with a self-signed key is quite easy. You need a public and a private key, and it is easy to generate this pair on demand. The keys do not cost anything. In a few minutes you can have a secure server up and running and access it to that server is guaranteed to be private.
To get a proper certificate, you need a couple of things:
- A certificate is tied to a proper domain name, so you have to order and set up a domain name, which takes time, and only works on a fixed IP address.
- On a mobile computer (laptop, tablet, phone) where the IP address is constantly reassigned, you simply can not have a DNS name that resolves to that address. You are out of luck.
- You have to order and pay for a certificate from a signing authority.
- The signing authority only wants to give a certificate to a proper legal entity, so you have to have a company with a public address and such. The signing authority is supposed to check that the site is an official site of of a particular company, and guarantee that.
The proper certificate is important if you are setting up a permanent web site that represents a company. But if you are just setting up a utility server to support a group of individual who just want privacy, or a peer-to-peer network, the certificate is unnecessary cost and overhead, and impossible on a mobile platform. Self-signed is quick, cheap, convenient, and it safeguards the privacy of the connection.
Chris Soghoian was quoted in the talk saying: “We need to make services secure out of the box.” You can only get a proper certificate from an authority after you set up the server and assign a fixed IP addres, but self-signing could be automatic in things like TomCat and Apache, and they work without needing a fixed address.
Self-Signed might Even Be More Secure
For the more paranoid readers: there is evidence that the NSA has access to the signing authorities. Certificate authorities keep both your public and private key, and might have to deliver it to the NSA on demand. The private key allows access to the entire stream for eves-dropping. Whether or not this bothers you depends on how nefarious you believe the NSA to be.
It is a fact that your private key is stored by the certificate authority which might be hacked. Those are carefully guarded, to be sure, but a theft of the private keys in a given signing authority would leave ALL of the banks in the country open to exploitation. Servers could be set up that mimic real servers, and they would even have the icon indicating that the site is legitimate.
When you make a self-signed server, the private key is in only on that server.
For the more cynical readers: perhaps the reason that the browsers put up the scary warning about self-signed servers is because they are too secure for the NSA to readily hack, and well-placed development moles have worked to make this option uncomfortable.
I don’t believe there is a government conspiracy, but rather a tendency for engineers toward perfectionism: if you want to be safe, go all the way; don’t stop half way to security. That is the real reason for the warning, but I have demonstrated there are clear reasons for using the self-signed approach — particularly concerning mobile platforms.
Especially now, we need to take steps to safeguard data against all eves-droppers. Many servers are still unencrypted because it is a costly bother (or impossible) to get the domain name and the certificate. Browsers should be changed to treat self-signed better than unencrypted access. No, the browser should not display the little lock symbol. That symbol should be reserved for fully signed certificates. But the self-signed should not produce the scary warning, it should instead act mostly like the regular HTTP connection. There might be little reason to tell the user that the connection is secure, but there is no reason to scare them away.
Call to Action
If you know someone working on the code for Mozilla, Chrome, IE, Apache, or even the Java SSL libraries, ask them why the scary warning screen is necessary. Self-signed SSL traffic is more secure than open HTTP. Ask them why they make it hard for servers to use the self-signed option, and why they make it uncomfortable for users. It makes no sense, and with the dramatic increase in cyber crime we are experiencing, we need to take clear steps to secure all data from eves-droppers.