by resters 563 days ago
The simple solution would be to have independent entities offer trust assertions about CAs and to allow users to consider multiple entities' views in their decision about whether to trust. It's surprising this doesn't exist yet when the attack vector is so clear.

This is something more akin to a client software bug than a WebPKI issue. Any alternative PKI scheme you could come up with would still be subject to Microsoft cutting deals.
Can you explain?

I think the parent is suggesting that users should be able to tune their trust stores. I'd imagine that trusting only the CAs that are in all the major trust stores (Google, Microsoft, Mozilla, and Apple) would be a reasonable policy. Few websites would choose a CA that falls outside that group.

Users can tune their own trust stores.
Is there a way to do it that isn't tedious? I'm not familiar with tooling beyond the UI browsers offer, which doesn't match the experience I was trying to describe.
The next version of Chrome introduces a whole UI for this at chrome://certificate-manager.
I mean... It's as easy as getting SSL certs and importing them into a trust store/adding them to a directory.

The hard part is getting the people you want to establish a trust relationship with to give you a copy of their key. Web of Trust was the answer to the logistical key distribution problem. The idea being there would be an organization that would vet people and vouchsafe their cryptographic material for everyone else.

The problem, of course, is that the more invisible this is to users, and the more unintuitive the actual mechanics, the more valuable cracking the CAs becomes for hostile actors because of the ensuing blast radius compared to the blast radius that would result from theoretically getting the practice of key exchange in the public, and getting them to internalize the act of creating their own trust networks.

Of course, if you have dreams or fantasies of being able to control people, none of the work that goes into educating the populace is ever going to be endorsed, because once everyone realizes that they can at least assure their own safety by not delegating their cryptography, the entire idea of eavesdropping as a third party by tapping the line is unmade. Which is not a popular state of affairs universally.

Web of trust is way more ambitious than what I'm talking about. Key distribution for the Apple, Microsoft, Google, and Mozilla trust stores is already a solved problem and works well at scale already.

However, if you don't trust the inclusive nature of Microsoft's trust store and prefer Chrome's, there should be a tool to swap out trust stores. I don't think such a tool exists yet.

With DNSSEC + DANE, Brazil would not have needed to make any deal with MS to be able to issue certs for .br domains and they would not have been able to issue a cert for google.com.

Admittedly, DNSSEC has issues, to put it mildly, but it does serve as a counterexample to your claim.

It'd be a simple enough browser plugin to build - a tool that checks multiple trust stores when rendering a page. Probably it already exists.

The problem is between the keyboard and the chair. Users struggle to understand SSL already. Browsers decided that the distinctions between EV, DV, and OV were too complex and hid them. What will your grandmother think when she opens up her bank and your browser plugin shows a greenish yellow trust indicator because the cert is trusted by Google, Apple, and Microsoft, but not Mozilla?

Unfortunately, trust is binary. Your grandmother clicks on the bank bookmark and either sees her banking websites or sees a scary warning.
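
An added example, not part of the thread and not any participant's code: a sketch of the policy discussed above (trust only roots present in every major trust store, and check a root against multiple stores). It assumes each store has been exported as a PEM bundle and compares certificates by SHA-256 fingerprint only; the store names and the placeholder "certificates" are constructed sample data.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S
)

def fingerprints(pem_bundle):
    """SHA-256 fingerprints of the DER bytes of every certificate in a PEM bundle."""
    found = set()
    for body in PEM_RE.findall(pem_bundle):
        der = base64.b64decode("".join(body.split()))
        found.add(hashlib.sha256(der).hexdigest())
    return found

def common_roots(stores):
    """Roots present in every store; `stores` maps a store name to its PEM bundle."""
    sets = [fingerprints(bundle) for bundle in stores.values()]
    return set.intersection(*sets) if sets else set()

def outliers(stores):
    """Per store, the roots it trusts that at least one other store does not."""
    common = common_roots(stores)
    return {name: fingerprints(bundle) - common for name, bundle in stores.items()}

def make_pem(der):
    """Wrap raw bytes in PEM armor (used only to build the constructed sample)."""
    b64 = base64.encodebytes(der).decode()
    return "-----BEGIN CERTIFICATE-----\n" + b64 + "-----END CERTIFICATE-----\n"

# Constructed sample: placeholder byte strings stand in for real root certificates.
ROOT_A, ROOT_B, ROOT_C = b"constructed-root-A", b"constructed-root-B", b"constructed-root-C"
SAMPLE_STORES = {
    "store_1": make_pem(ROOT_A) + make_pem(ROOT_B),
    "store_2": make_pem(ROOT_B) + make_pem(ROOT_A),
    "store_3": make_pem(ROOT_A) + make_pem(ROOT_B) + make_pem(ROOT_C),
}

if __name__ == "__main__":
    print("trusted by all stores:", sorted(common_roots(SAMPLE_STORES)))
    for name, extra in outliers(SAMPLE_STORES).items():
        print(name, "only:", sorted(extra))
```

The `outliers` result is the review list: roots that one store accepts and another does not, which is where a stricter local policy would differ from that store's defaults.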