A few days ago I talked about how to fix TLS by ditching certificates and using public keys sent by the websites themselves to authenticate them. That proposal attracted quite some criticism. I realised I didn’t explain the idea very well. So here is an update, to address the comments and to explain the idea better and more precise. Read the original post for some more context and background.
Archives for posts with tag: public key pinning
TLS secures the connection between your browser and the websites you visit (and a lot of other Internet connections that do not involve either a browser or a web server). TLS should provide confidentiality (so nobody can steal your passwords or see which webpages you are visiting), integrity (so nobody can modify the transactions you send to your bank) and authenticity. When properly used, TLS provides the first two guarantees, but it is increasingly becoming apparent that it fails to provide the latter: authenticity. The use of certificates (and the poor understanding of what authenticity on the web really means) is to blame.
(Note: I wrote an update to clarify and improve the idea, based on comments I received.)