
Firefox 3 developer explains "broken" SSL error pages

Johnathan Nightingale, a user interface developer for Firefox, has responded to the criticism of how Firefox 3 handles self-signed certificates. He first complains about how often users dismiss his user interface decisions as stupid, in wording such as:

Q: Why has Firefox started treating self-signed SSL certificates as untrustworthy?  I just want encryption, I don’t care that the cert hasn’t been signed by a certificate authority, and anyhow I don’t want to pay hundreds of dollars just to secure my communications.

Johnathan explains the problem with this kind of thinking:

First of all, this isn’t quite right.  You never *just* want encryption, you want encryption to a particular system.  The whole reason for having encryption is that you don’t want various ill-doers doing ill with your data, so clearly you want encryption that isn’t going to those people.

“So fine, I want encryption to a particular system,” you say, “but I don’t need a CA to prove that my friend’s webmail is trustworthy.  CAs don’t even do that anyhow.  I trust him, Firefox should get out of my way.”

Yes, absolutely - the browser is your agent, and if you trust your friend’s webmail, you should be able to tell Firefox to do so as well.  But how do you know that’s who you’re talking to?

He then gives three specific ways that a "Secure SSL Connection" to a server using a self-signed SSL certificate could be attacked: packet sniffers, router flaws, and DNS flaws like the one that Dan Kaminsky revealed. He then concludes:

The question isn’t whether you trust your buddy’s webmail - of course you do, your buddy’s a good guy - the question is whether that’s even his server at all.  With a CA-signed cert, we trust that it is - CAs are required to maintain third party audits of their issuing criteria, and Mozilla requires verification of domain ownership to be one of them.

With a self-signed certificate, we don’t know whether to trust it or not.  It’s not that these certificates are implicitly evil, it’s that they are implicitly untrusted - no one has vouched for them, so we ask the user.  There is language in the dialogs that talks about how legitimate banks and other public web sites shouldn’t use them, because it is in precisely those cases that we want novice users to feel some trepidation, and exercise some caution. There is a real possibility there, hopefully slim, that they are being attacked, and there is no other way for us to know.

On the other hand - if you visit a server which does have a legitimate need for a self-signed certificate, Firefox basically asks you to say “I know you don’t trust this certificate, but I do.”  You add an exception, and assuming you make it permanent, Firefox will begin trusting that specific cert to identify that specific site.  What’s more, you’ll now get the same protection as a CA signed cert - if you are attacked and someone tries to insert themselves between you and your webmail, the warning will come up again.

I don’t think the approach in Firefox 3 is perfect, I’m not sure any of us do. I have filed bugs, and talked about things I think we could do to continue to enhance our users’ security while at the same time reducing unnecessary annoyances.  You’ll notice that Firefox 3 has fewer “Warning: you are submitting a search to a search engine” dialog boxes than Firefox 2 did, and it’s because of precisely this desire.

I welcome people who want to make constructive progress towards a safer internet and a happier browsing experience. That’s what motivated this change, it’s what motivates everything we do with the browser, really.  So it sure would be nice if we didn’t start from the assumption that changes are motivated by greed, malice, or stupidity.

SSL Question Corner - [meandering wildly]

Originally posted on Sun Aug 10, 2008
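Nightingale's description of the exception mechanism, as an added model written for this page (not Mozilla's code): a CA-signed cert is trusted through the root store, a self-signed cert triggers the ask-the-user warning, a confirmed exception pins that cert's fingerprint to that host, and a different cert presented for the same host later raises the warning again. The certificate bytes, host names and CA name are constructed, and the CA check is a name lookup standing in for real chain verification.

```python
import hashlib

# Constructed sample "certificates". In a real TLS handshake these would be the
# DER-encoded bytes the server sends; here they are labelled byte strings so the
# example runs offline.
WEBMAIL_CERT = {"subject": "webmail.friend.example",
                "issuer": "webmail.friend.example",  # self-signed
                "der": b"constructed-self-signed-cert-v1"}
MITM_CERT = {"subject": "webmail.friend.example",
             "issuer": "webmail.friend.example",
             "der": b"constructed-attacker-cert"}       # someone in the middle
BANK_CERT = {"subject": "bank.example",
             "issuer": "Example Public CA",
             "der": b"constructed-ca-signed-cert"}

# The browser's built-in root list (or a private CA you imported yourself).
# A real client verifies the signature chain; this model only checks the name.
TRUSTED_ROOTS = {"Example Public CA"}

def fingerprint(cert):
    """SHA-256 over the DER bytes: the value a user compares by hand."""
    return hashlib.sha256(cert["der"]).hexdigest()

def verify(host, cert, exceptions):
    """Return the verdict for a presented cert; exceptions maps host -> pinned fingerprint."""
    if cert["subject"] != host:
        return "error: certificate is for another host"
    if cert["issuer"] in TRUSTED_ROOTS:
        return "ok: CA-signed"
    pinned = exceptions.get(host)
    if pinned is None:
        return "warn: untrusted issuer, ask user"   # sec_error_unknown_issuer
    if pinned == fingerprint(cert):
        return "ok: pinned exception"
    # Same host, different cert: exactly the case the dialog is meant to catch.
    return "warn: certificate changed, possible man-in-the-middle"

def add_exception(host, cert, exceptions):
    """What 'Confirm Security Exception' does: pin this cert for this host."""
    exceptions[host] = fingerprint(cert)

def scenario():
    exceptions = {}
    v1 = verify("bank.example", BANK_CERT, exceptions)
    v2 = verify("webmail.friend.example", WEBMAIL_CERT, exceptions)
    add_exception("webmail.friend.example", WEBMAIL_CERT, exceptions)
    v3 = verify("webmail.friend.example", WEBMAIL_CERT, exceptions)
    v4 = verify("webmail.friend.example", MITM_CERT, exceptions)
    return [v1, v2, v3, v4]
```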

Comments


David Lincer(2014-12-13)

I used to use FireFox3. I am moving away from it more and more because I cannot finish my work.

I recently have gotten more and more of the:

signin.ebay.com uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown.

(Error code: sec_error_unknown_issuer)

types of messages all over the net. As a user, I do not know or hardly know to care why. I want to complete my business, not mess around with the guts of internet security.

I am going to ebay to BUY an item. And am stymied by this message. I go to IE7 and for better or worse, I get done.

Bye, Bye FF3.

Danny(2014-12-13)

There should be separate mechanisms for handling encryption and trust. Sometimes you don't need trust, you need encryption. Like an intranet. Sometimes you don't need encryption, you need trust.

Tying two very different concepts into one great, needlessly expensive, whole is ridiculous.

Firefox's warning doesn't help educate users. It's designed to scare them into being over-cautious so Firefox don't get bitched at. It doesn't help them make an informed decision and is detrimental to anyone who isn't in the business of selling SSL certificates (the large majority of which are completely free to produce anyway... even EV ones don't require much work).

Steve(2014-12-13)

I work in an environment that uses self-signed certs for a variety of purposes within an isolated management network. The nature of the network is such that if the device is there, it is known and physically trusted. Physical isolation and locked data cabinets, security guards etc. enforce all the security we need, and guess what: I can't tell Firefox that "yes, it's ok, *I* choose to trust this certificate."

Please - Mozilla - don't do this Microsoft BS! Don't *assume* - as you do in this rationale - that you know better than me what I *really* want, and what I don't want. I am a tech-savvy user - an engineer who knows a bit more than *you* do perhaps - and *I* and *I alone* am qualified to tell anyone *what I really want*. What I want is the freedom to choose how I use the technology in my environment.

Firefox has been good to me for so long. It's too bad I have to give it the flick over something as *stupid* as this.

Cheers

Duane(2014-12-13)

If "You never *just* want encryption" then why do they include DH ciphers?

Not to mention OpenPGP is part of the TLS family. I don't need some third party to tell me who is and who isn't my friend; of course anyone with enough money would be my friend.

Aaron Miller(2014-12-13)

If mozilla could, it would still be costly to mozilla. They need to get their root certificates into -all- browsers (read: IE especially [Good luck dealing with MS]). Then they need to verify the identity of the holder of any certificate before they sign it, which is a lot of paperwork. Being a CA is a lot of costly work and a difficult thing to do for free. And @Duane DH works fine until there is a man-in-the-middle which is the entire point of CAs in the first place. CA signed certificates are for businesses, and -aren't- that expensive for the people that need them.

Mr Flibberly(2014-12-13)

Duane,

If you read Johnathan's quotes in the post you would realize that the lack of a certificate authority leaves you open to a man in the middle attack. It doesn't matter what cipher you are using, without a certificate authority there is no way to bind a web address to a key in a trustworthy way.

Certificates *are* prohibitively expensive for many uses and an alternative system for more casual use (something like a web of trust) is certainly desirable. Self signing certificates however, really isn't a very effective solution, and Firefox's behaviour in this regard is wise.

Paul Dorman(2014-12-13)

This would solve the problem and do the world a favor. A free CA service is very much needed.

Alex Ponebshek(2014-12-13)

This could be handled the same way SSH and GPG have both handled it forever: you get the key, actually *look* at the certificate, check the fingerprint, and if it matches the one you memorized or wrote down, make an exception! Firefox 3 has a nice "Add an exception..." button, and it works just fine. The warning is ominous, because anybody who doesn't understand what it means is right to be afraid of it, and anybody who does understand what it means can ignore the ominousness and look at the cert.

spispopd(2014-12-13)

Look, true self-signed certs are silly. Make your own CA and sign a server (and maybe a client!) cert with that, and add your personal CA to your firefox list of trusted CAs. It's point and click with "TinyCA2", assuming you're on linux.

Firefox SHOULD give a disconcerting message for self-signed certs.

Robert(2014-12-13)

Steve, you can tell Firefox to always trust a certificate. When you get the error, just click on "Add an exception", then click on "Add exception...", "Get Certificate", and then "Confirm Security Exception". The "Permanently store this exception" checkbox is checked by default.

I think you could also import the certificate into Firefox's certificate store and you would never see that error message. You could also try one of the Firefox plug-ins that change this behavior.

Gom Jabbar(2014-12-13)

I'm not going to argue with Nightingale as though he were not a raving lunatic. He's nuts (obsessive/compulsive) and misguided. Someone should say so. As a scientist/lawyer of nearly 40 years' experience, I guess it's up to me.

Mozilla is ABUSIVELY imposing a POV on the internet based on a flawed understanding of security. The solution is new development management at Mozilla for the ssl handling of Firefox.
"Ownership" of a site is not the issue, what nutcase would think it was?

A certificate (or a signing cert) is verified as authentic by its fingerprint, obtained from a trusted source. It is that damn simple. Mozilla doesn't decide what is a trusted source, the user does. Mozilla does not decide what is proper risk/benefit for the internet, the Internet community does.

Some level of warning and opportunity to verify and accept a certificate is warranted, but Mozilla's approach here is oppressive, over the top, unwise, unnecessary, and ultimately damaging to the internet and to Firefox.

This approach constructively forces use of "Trusted" CA signed certs in circumstances where these are not appropriate. What nutcase trusts Verisign anyway? I don't. The reality is the banks control and use and trust Verisign for THEIR purposes of commerce. That's all. Only a stupid whackout on spiked koolaid would think otherwise, or would elevate a group of banking crooks to a position of authority on the internet.

Even Micro$oft knows better. Mozilla, FIRE somebody and get someone in there that can actually think and respond to the community that uses your product. Do it or lose it. Hey.

Quangtn(2014-12-13)

Duane,
You have some good points. You always have a choice... just don't use Firefox.

Firefox Sucks(2014-12-13)

"Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number."

If you get that error (the code being sec_error_reused_issuer_and_serial) then there is *no* way to add an exception. Can you not understand that I want to choose whether to go to that site myself?

luc pissed off(2014-12-13)

I used to love Firefox, but since I can't find a single easy way to fix this or to do my banking online, I recommend dropping Firefox altogether. Goodbye, I used to love you.

dangerOp(2014-12-13)

I just set up a self-signed certificate for an internal website. Both IE and Firefox will warn you that the certificate is not trusted. Since my users and I trust the internal systems, the constant warning does become a small annoyance, so I went about configuring the browser to accept the certificate.

In order to install the certificate into IE, you have to download the certificate to each user's system and install it using a Windows wizard. You have to change the default setting to specify the certificate store - it must be placed in the "Trusted Root Certification Authorities" store for it to work. A few more click-throughs and it finishes.

In Firefox, you click on the "add exception" button, click another button, click a "Get Certificate" button, and then OK. Finished in about 5 seconds. If you want to save the certificate to a different location, you can change the default to something else.

Based on this experience, I'd say FF is easier and faster to set up, provides the same choices, and, like all open source software, gives you way more freedom than IE. All the hate flying around at FF just seems unfounded.

Robert(2014-12-13)

I am a system admin and have used FF for as long as I can remember.. however..

This new SSL policy has forced me to migrate dozens of networks off FF due to the SSL errors.. My clients use the USPS site for shipping and apparently, FF has decided that they are not trustworthy (Comodo cert no less)

I hope someone sees how this could be an issue and finds some kind of resolution (at the very least a bypass on a per-site basis)..

Currently in testing with Safari and Chrome... this sucks...

Andrew Stringer(2014-12-13)

Hi, several comments have been made about how difficult it is to use self-signed certs in an intranet with many servers.
I used to work in a 20,000+ user and 100+ server organisation and we solved it by running our own CA and distributing the root CA certificate to all machines; we included the cert in all image builds for desktops and sent an email with a URL pointing to the root CA to all users.
Importing this into Firefox and IE was not difficult; Chrome was the odd one, it would just download the certificate rather than offer to import it.
This was a one-hit operation; subsequently all server certs signed by our CA were trusted as if they were issued by a commercial CA.

Regards,
Andrew.

Duane(2014-12-13)

Good to see everyone missed my point, I wasn't advocating the use of DH ciphers merely pointing out that Firefox supports using them.

The real point to my comment, which everyone seems to have ignored, is that OpenPGP has a valid RFC allowing it to be used as an alternative to X.509 certs; however, so far no browsers or even plugins support using those certificates, which could be a much better alternative to X.509 with its woeful take-up rate of less than 0.5% of all websites or thereabouts.

Some food for thought: http://open-pgp.info/wiki/i...
