back to article Qualys endorses alternative to crappy SSL system

San Francisco-based security firm Qualys is throwing its support behind an experimental project designed to improve the security and privacy of website authentication by reducing reliance on certificate authorities that issue secure sockets layer credentials. The Convergence project was devised by Moxie Marlinspike, a security …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Plug in

Tried the Firefox plug in using the default parameters, every one of the sites i tried it on returned an invalid certificate warning, however it is a beta so maybe its worth waiting to see if this changes significantly in the future.

0
0
Silver badge
Linux

Problemo

Convergence won't run on FF 7.0

On FF 6.x it prevents Gmail attachment uploads. They just hang with a Gmail "Still working" message.

0
0
Boffin

Forgive me if I'm teaching granny to suck eggs...

...but can you not unpack the plugin XPI file and edit the em:maxVersion tag in install.rdf? Of course there may be a more fundamental reason why it doesn't work with FF7 but I would have thought it's worth a try. And naturally this is unlikely to fix the attachment upload problem.

There are bound to be problems with Convergence at the start, as elegant as the idea is it is still a massively ambitious undertaking to turn the net's trust model on its head. Personally I think there is a responsibility on those of us that recognise the problem to actively participate in the solution. That may be just using the plugin, feeding-back issues to the devs and possibly running a notary but every little helps.

0
0

FF7

Which OS?

FF7+Convergence work fine on OpenIndiana.

0
0
Thumb Up

Trust

This does cut rather to the heart of the problem with certificates: I *don't* trust the CA's - any of them. Why should I? They're faceless agencies who make money out of selling these certificates to companies, they have next to no responsibility or accountability to me. Plus they are, I'm guessing, full of humans. Humans can be corrupt and/or stupid.

There has been far too little cross-checking of reliability in the whole market for years and the idea outline here looks like a step in the right direction.

5
0

This post has been deleted by its author

Anonymous Coward

perspectives...

From the website: "Convergence is based on the ideas originally developed by the Perspectives Project at Carnegie Mellon University."

Does this mean that perspectives is dead? Are the 2 systems compatible?

http://perspectives-project.org/

0
0
Facepalm

OT

Installed FF7 the other day and found it still had DigiNotar as a CA..

0
0
Anonymous Coward

...but...

...are the DigiNotar certificates configured to authenticate anything?

0
0
This topic is closed for new posts.

Forums