[Discuss] Why the dislike of X.509?

[markw at mohawksoft.com (markw at mohawksoft.com)]

> On 8/25/2014 1:57 PM, John Abreau wrote:
>> So the problem is that in order to connect to your company's VPN, you're
>> forced to trust the syadmin who administers the company's VPN server,
>> since he controls the company's "centralized" CA root for the VPN
>> server?
>
> More generally, even if the sysadmin is trustworthy there is no way for
> me, the user, to know if someone else has obtained unauthorized access
> to the escrow. Which is to say, I'm expected to blindly trust that the
> system hasn't been compromised by bad actors without any proof at all
> that this is the case.

This is by definition the problem with all security. Every type of
security, from bank vaults, hotel rooms, to vpns sufferer from people who
don't protect the master keys.


>
>
>> The part I don't get is the claim that OpenVPN is vulnerable because
>> the public infrastructure that OpenVPN DOES NOT USE is vulnerable.
>
> Like I wrote before, it's not the publicness of the CA; it's the
> centralness. Public or private, any CA is a single point of compromise
> for its entire domain.

*Any* security infrastructure is a central point of compromise. That's the
nature of security. You are left with either an unmanageable mess or
forced to use or create some sort of infrastructure to manage it.

ANY security system is vulnerable to bad actors that can gain access to
sensitive data. With a CA on openvpn, merely regenerate your master key
and push a new cert. When users can't connect, they have to re-validate
and obtain a new key.

>
> --
> Rich P.
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>