Question; Firefox 'Perspectives' addon shows 2 different SSL keys for WildersSecurity

Discussion in 'privacy problems' started by Baserk, May 4, 2011.

Thread Status:
Not open for further replies.
  1. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Can anyone of the members here on Wilders who use the Firefox addon 'Perspectives' check some information?

    I've been using the SSL/https connection for WSF, just to try it out.

    Recently when browsing to this forum, a red 'Perspectives' bar with a message 'Suspected Attack' would appear. (see screenshot 1)

    Now when checking the SSL key information provided by the Firefox add-on Perspectives, it shows me 2 different SSL keys.

    When I double-click the Perspectives icon (green checkmark) and select 'Notary results' 2 different SSL keys are shown;

    Below a copy/paste of all the info. It shows one SSL key '4d:83:81:99:8f:a6:97:fe:3c:b6:e3:3c:d9:50:af:3f', only used for one day; Sunday March 20 (see screenshot 2)

    Notary Lookup for: www.wilderssecurity.com:443,2
    Browser's Key = '36:d2:1e:b5:9c:55:0e:3f:a4:45:fd:a3:99:ab:7e:66'
    Results:
    Quorum duration: 45 days
    Notary Observations:

    Notary: convoke.ron.lcs.mit.edu:8080
    ssl key: '36:d2:1e:b5:9c:55:0e:3f:a4:45:fd:a3:99:ab:7e:66'
    start: 1300660690 - Sun Mar 20 2011
    end: 1304497737 - Wed May 04 2011
    ssl key: '4d:83:81:99:8f:a6:97:fe:3c:b6:e3:3c:d9:50:af:3f'
    start: 1300630218 - Sun Mar 20 2011
    end: 1300660689 - Sun Mar 20 2011

    Notary: cmu.ron.lcs.mit.edu:8080
    ssl key: '36:d2:1e:b5:9c:55:0e:3f:a4:45:fd:a3:99:ab:7e:66'
    start: 1300652676 - Sun Mar 20 2011
    end: 1304496367 - Wed May 04 2011
    ssl key: '4d:83:81:99:8f:a6:97:fe:3c:b6:e3:3c:d9:50:af:3f'
    start: 1300630217 - Sun Mar 20 2011
    end: 1300652675 - Sun Mar 20 2011

    Notary: mvn.ron.lcs.mit.edu:8080
    ssl key: '36:d2:1e:b5:9c:55:0e:3f:a4:45:fd:a3:99:ab:7e:66'
    start: 1300652742 - Sun Mar 20 2011
    end: 1304494686 - Wed May 04 2011
    ssl key: '4d:83:81:99:8f:a6:97:fe:3c:b6:e3:3c:d9:50:af:3f'
    start: 1300630219 - Sun Mar 20 2011
    end: 1300652741 - Sun Mar 20 2011

    Notary: hostway.ron.lcs.mit.edu:8080
    ssl key: '36:d2:1e:b5:9c:55:0e:3f:a4:45:fd:a3:99:ab:7e:66'
    start: 1300659901 - Sun Mar 20 2011
    end: 1304498131 - Wed May 04 2011
    ssl key: '4d:83:81:99:8f:a6:97:fe:3c:b6:e3:3c:d9:50:af:3f'
    start: 1300630219 - Sun Mar 20 2011
    end: 1300659900 - Sun Mar 20 2011


    Weird thing is, when I check the self-signed WSF certificate just now, it shows the ssl key: '36:d2:1e:b5:9c:55:0e:3f:a4:45:fd:a3:99:ab:7e:66'.

    Why on earth would 'Perspectives' also have information on a different SSL key?
    I mean, the logical conclusion would be that I've been offered a different certificate than the original WSF one, right?

    WSF Perspectives warning.JPG
    WSF Perspectives warning Notary results.JPG
     
    Last edited: May 4, 2011
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
    Hi Baserk,

    What are your Perspective version/settings? Do you use Medium or High Security settings? Do you use Perspectives version 4.1? Why are you using https? There is a box to allow Perspectives to override Firefox security errors - perhaps a known problem (best to ask the folks at Carnegie-Mellon about).

    Additionally, the Wilders Security website does not supply identity information.

    -- Tom
     
  3. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    ^Hi Tom,

    Medium
    4.1
    Just to try it out, no specific need. (Reading and posting here hardly warrants/requires https) but I made a user-specific .xml file for HTTPS-Everywhere and I used the WSF SSL option for this.
    Override box is checked.
    I've mailed those guys a few times but no response so far.
     
    Last edited: May 4, 2011
  4. dga

    dga Registered Member

    Joined:
    May 5, 2011
    Posts:
    1
    Hi, Baserk -

    From the looks of it, it seems like for one day only (March 20th), the wilderssecurity.com domain was returning a different SSL key. The current key it's using was created on March 20, so what probably happened is that a different key was used for a brief period of time when testing, and that our servers picked it up. Given that the new key has been used consistently since then, you can safely ignore this error.

    In order to be getting this error, you must have picked a custom Perspectives configuration; our default (medium security) and high security options won't get upset if the new key has already been in use for a few days... I suggest *not* requiring more than, say, a week of continuous agreement on the key unless you have specific reason to believe that the website you're using is particularly threatened (e.g., the site itself is in some-country-with-oppressive-internet-regulations).

    -Dave
     
  5. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    ^Hi Dave,

    Thanks for responding here, very much appreciated.
    I had a thought that the other WSF SSL key must have been used for testing, just wondered why Perspectives gave me a warning (this happened 3 days ago on 5-2-'11).
    Probably I've been fiddling too much with some Perspectives settings, as you wrote.
    I'll try to backtrack what settings I used to get that result (to learn where I succeeded to fail ;))

    Anyways, thanks again.

    (P.S. Impressive 'going the distance'-resume btw)
     
Loading...
Thread Status:
Not open for further replies.