[llvm-dev] Bugzilla invalid certificate issues
Stephen Checkoway via llvm-dev
llvm-dev at lists.llvm.org
Mon Feb 13 17:57:37 PST 2017
> On Feb 13, 2017, at 15:24, Chris Matthews <chris.matthews at apple.com> wrote:
>
> EV certs attempt to validate the identity of the organization that holds them. That is a nice assurance to have from a place that makes the thing that compiles your code.
Although I appreciate that concern, downloads are currently available only via http (or via https with a TLS cert warning about invalid common name), so any improvement here would be good (as just happened with bugs.llvm.org).
As an aside, EV certs don't really offer a guarantee of identity validation (indeed EV certs have been misissued in the past [1]). They're really a form of Jackson's and Barth's "finer-grain origin" [2] which, as they point out, isn't respected by the browser's same origin policy. Although I'm not aware of any studies on this, I'd be shocked if even expert users noticed that a site moved from EV certs to DV certs. There's much more security to be had with HSTS.
1. https://security.googleblog.com/2015/09/improved-digital-certificate-security.html
2. https://seclab.stanford.edu/websec/origins/fgo.pdf
--
Stephen Checkoway