The traditional Public Key Infrastructure implementation of TLS/SSL is a confidence game. Chad Perrin explains why and makes some recommendations on handling online transactions.
Transport Layer Security, or TLS, itself has proven to be a great boon for online transaction security. If your bank isn't using TLS for its account management Web site, it is probably doing something wrong.
TLS is the current implementation of what was originally called SSL, or the Secure Sockets Layer protocol. It is an encryption protocol used to protect HTTP connections on the Web so that information can be exchanged securely. This is of particular interest for online financial transactions, but is also important for logins, to ensure that eavesdroppers cannot harvest usernames and passwords from unencrypted network traffic and then hijack accounts.
TLS has also been used (some might say "abused") to provide encrypted connections for an increasingly diverse selection of types of network traffic. As a protocol for establishing communication using strong encryption, it is quite effective at securing such traffic, even when it is not HTTP traffic. It is, in fact, well suited to use with any application layer protocol, including FTP, NNTP, SMTP, and XMPP, in addition to HTTP. Check my articles index for past TechRepublic IT Security articles about using TLS to secure connections to mail servers.
A series of service providers who charge fees for registration of server certificates used to authenticate a Web server has arisen to provide protection from man-in-the-middle attacks. These service providers, called Certifying Authorities (abbreviated "CAs"), make out-of-band verification of server certificates available to client systems so that man-in-the-middle attacks may be detected. The system by which the CAs make their registration and verification systems available is known as PKI, or Public Key Infrastructure.
Unfortunately, PKI as it is currently implemented for TLS certificate verification (or "validation", as the CAs call it) is unnecessary. As the Perspectives notary system alternative to PKI has shown, there are possible verification schemes that provide far more complete coverage of server certificates. The business model used by CAs in PKI ensures that many servers will never have registered certificates — servers that may still be as trustworthy as any other, and for which secure encrypted transactions may be just as critical to the day-to-day online activities of thousands of people as those that can afford to buy into the CA con game.
A confidence game, simply put, is a scam in which a target is convinced to believe something that isn't true so that the con artist can get the target to give him or her money. The idea is that the con artist gains the target's confidence, and uses that against the target. In this case, there are two targets: browser users and people who need to provide encrypted access to their servers. The confidence itself is the impression we have that we not only can trust the CAs, but that we must — because that's the only way to really protect ourselves with TLS encryption. The real beauty of this particular scam is that nobody needs to lie to us, because given the option to believe in the importance and trustworthiness of some authority figure, most humans do so instinctively. In other words, we lie to ourselves on their behalf.
To replace the TLS scam with a more sustainable (and more broadly effective) system such as the Perspectives notary system, we need to ensure that such an alternative gains popularity and is used more widely. If it is at all reasonable to do so, you should install the Perspectives extension for Firefox right away, and use that for your online transactions that require TLS encryption. Not only will that help reduce the current worldwide reliance on CAs, but it will also give you a way to verify TLS server certificates that the CAs ignore because the CAs haven't received the requisite payments.