[conspire] Risks ...

[Rick Moen]

Breaking threading because I didn't save a copy of Texx's post, and had
to copy text out of the archives;

Quoting Texx (texxgadget at gmail.com):

> Michael's post reminds me of a pet peeve (Think his name is Irving).
> People go to the trouble of setting up certs, but cant be bothered to
> renew them when they expire.  To me, this makes certs TOTALLY F*****G
> USELESS.

Here's a question you may not have asked yourself:  What is your basis
for relying on an Web site cert that _hasn't_ expired?

Most people's operational answer involves seeing a lock icon and
inferring a CA attestation.  Let's take that as true.  Doing so moves
the question one step back:  Why do you have confidence in a cert that
merely has a CA attestation?

This is where most people answering these questions start wondering
about the garden path they're on, and having doubts.  THe bolder among
them might say, somewhat tentatively 'I have reasonable faith in the 
CA my online bank does business with.'  And maybe that faith is
justified -- but the problem is that the lock icon doesn't say who
attests to this instance of the cert for the site claiming to be your
online bank.  All you know from the lock icon is that there's current
attestation by a CA whose public signing key's in your Web browser's
cert bundle.  That's something like 300 CAs distributed all around the
world, and some of those CAs have proven over the past 20 years to be
extremely skeevy and/or inept and/or corrupt and/or subject to control
of spook agencies (possibly among others) for nefarious purposes.

So, if relying on Web broswers' normal visual indications of 'valid'
https, you really have absolutely no idea which of those 300+ CAs 
are attesting to this cert.  It might be a completely different cert
from the one you loaded half an hour ago when you last visited your
online banking, and it might be for an imposter Web site being operated
in Cyprus by a gang of criminals who've sought out and paid the least
honest and reputable of the world's 300+ CAs to forge your bank's SSL
cert.  And maybe you're sitting in a Starbuck's whose cheap border
router has been zombified by those crooks to send requests for your
bank's Web site to the fraud site in Cyprus.  You'd literally not be
able to tell, because the conventional Web browser usage model puts 
full trust into all CAs' signing keys and tells the user nothing about
suspicious changse.

(Michael has already hear past iterations of this speech, along with
specific examples of why trusting all the CAs of the world is a dreadful
idea, but you hadn't.)