My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 12, 2012 0:00 UTC (Sat) by robert_s (subscriber, #42402)
Parent article: My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Yes because the answer is yet another highly centralized trust model.


My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 12, 2012 21:29 UTC (Sat) by wahern (subscriber, #37304)

I don't think the model is trust or centrality. The model is accountability. In an environment with proven repercussions for maintaining broken infrastructure, trust would follow naturally.

The problem is one of externalities. If some administrator's server gets broken into, the harm to him is minimal while the collective harm to everyone else can be significant. The way to fix this is to make that administrator internalize those costs. One mechanism to do it: kick him off the network, so that he really feels the pain when his box is p0wned. Whether the mechanism for kicking him off is centralized (a dictator) or not (a democracy), doesn't matter much in the short term.

So, you're not trusting the .secure TLD people to maintain security. You're expecting them to vigorously punish insecurity. If they don't do this, then people will move on. If they do, then any .secure network would be worthy of more trust than, say, a .cn network. That's a big "if", though. There're lots of conflicting economic interests at play.

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 13, 2012 10:03 UTC (Sun) by robert_s (subscriber, #42402)

"That's a big "if", though. There're lots of conflicting economic interests at play."

That "if" becomes even bigger in the context of highly trusted certificate authorities issuing man-in-the-middle capable certificates to governments and "security systems" vendors.

Why do you think we would necessarily _know_ whether this organization is doing a good job maintaining security?

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 13, 2012 20:02 UTC (Sun) by copsewood (subscriber, #199)

.secure wouldn't be worth anything other than as a temporary marketing ploy for taking cash off the gullible unless it uses DNSSEC throughout.

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 14, 2012 18:54 UTC (Mon) by hummassa (subscriber, #307)

s/unless/even if/

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 13, 2012 18:05 UTC (Sun) by rgmoore (✭ supporter ✭, #75)

If you really want to make the system work well, you need to provide some kind of reward, even if it's just reputation rather than financial, for identifying and publicizing insecurity. Vulnerable sites will ask for a grace period to fix their problems, and the others will be tempted to give it to them. Whatever the long term benefit from having a serious penalty for being insecure, there will be some loss of reputation from admitting there's a problem; other sites will be tempted to prevent a short term hit by cooperating in covering it up as long as there's a promise of a prompt fix. They'll be doubly tempted because they'll want to ensure that there's a precedent that they'll be given a grace period if/when they're the vulnerable one. The only way out is to reward people for refusing to play along.

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 13, 2012 18:51 UTC (Sun) by drag (subscriber, #31333)

That really pretty much describes how it works now for all websites.

And unless you are creating a website for vanity or some other personal satisfaction then it really all boils down to money no matter what your intentions are when designing an incentive system.

We all know what the truth behind this ".secure" thing is: it's an attempt to build a racket based around a flawed assumption/logic by the people that initially designed the domain naming system with its use of top level domains.

If these people get their ".secure" TLD accepted then pretty much every commercial website will feel compelled to re-purchase all their existing *.com/*.net/etc domain names, but now ending with ".secure". They want to make it complicated, exclusive, and expensive to get a ".secure" domain name not because they want to make the internet a better place, but because that will generate the maximum amount of revenue with the minimal amount of effort for themselves.

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 24, 2012 11:52 UTC (Thu) by job (guest, #670)

Absolutely. You wouldn't want some porno site to register "your" domain name under our brand new TLD, right? That's the real business model, a sort of protection money if you will.

My own private Internet: .secure TLD floated as bad-guy-free zone (Ars Technica)

Posted May 18, 2012 21:30 UTC (Fri) by dafid_b (guest, #67424)

Given that companies with servers in the .secure domain have opted in, it then becomes reasonable for the browsers to apply rigorous standards to certificates etc.

The warnings can instead be errors that cannot be clicked past...

Maybe with an email report to the domain registrar of the problem.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.