You know, at some point we should really re-evaluate the use of SSL in our Web architectures. Let’s face it, it hasn’t really done much for us:
1) Users read way too much into its functional value.
2) The threat model for sensitive Web data has never been one of sniffing traffic. There are still way too many accessible websites for this to be the case.
3) If you are going to compromise some device, you might as well compromised the host and not some intermediate device.
4) The bad guys are now leveraging SSL more and more to shield their activities from good guy sniffers.
Sure, it is needed nowadays for basic authentication protection, but we really shouldn’t be using userid/password pairs in clear text anyway.
On point 4, I think its also worth discussing how SSL is being used by malware. A valud cert does nothing but validate who someone is, it doesn’t (at least without human intervention) decide if you should trust the person or host. Getting a valid cert is not hard and therefore installing malware over SSL and avoiding the spyware sniffers if also becoming more common.
@Mark – thanks for the clarification. So, does that mean you agree with me?
1) Agreed
2) Might the model shift without SSL?
3) Kinda confused there (not hard to do with me).
4) If you are going to have ISP’s block it, then I can maybe see your argument. But if not, taking it away from the good guys does not keep bad guys from using it.
SSL == Useless
Pete Lindstrom posted over on the Spire Security Viewpoint asking, and answering, the question Has SSL Outlived its Usefulness. He made the following four statements:
1) Users read way too much into its functional value.
2) The thr…
Circling Back Around on SSL
There’s been some constructive feedback out there on my points about SSL. Practically speaking, it doesn’t matter whether SSL is protecting us or not since auditors and regulators typically expect it. Therefore, it doesn’t really matter what we (I) thi…