Re: [TLS] Update spec to match current practices for certificate chain order

["Ryan Sleevi" <ryan-ietftls@sleevi.com>]

On Fri, May 8, 2015 8:29 am, Dave Garrett wrote:
>  Let me be clear: I don't fundamentally disagree with you.

While I have great respect for Martin, I do disagree and think he's
fundamentally wrong here, for the reasons I already explained in my first
message as to why what he's asking is not only *wrong*, but *unwise* and
an unnecessary coupling of two intentionally-independent layers.

> Do you
>  think we could compel every browser vendor to apply this (effectively) new
>  standard uniformly, and make the changes all at the same time?

As I said elsewhere, requiring ordering might be something browsers do in
the future, but it's fundamentally coupling two things which are
explicitly decoupled (and better off so)

>  I don't,
>  especially not from the TLS spec. Vendors can't even drop critically
>  insecure protocols in unison. I don't even have confidence that everyone
>  could coordinate a token change of coloring in the UI for this one narrow
>  case.

And of course, coloring is the unquestionably wrong answer here from a
usability study. It's not so much a bikeshed discussion as demonstrably
bad for users and homeopathic cybersecurity :)

> > I believe that one of the causes why the problem exists at all
> > is a lack of sensible PKI credential management on the server side.
>
>  Likely true, but outside of the current scope of action.

The only way in which this protocol could have worked as described is in
an X.500 world that no one should reasonably/sanely want. Outside of that,
we're talking about tradeoffs and compromise, and those are both sensible
and necessary, so I agree wholeheartedly here :)