There’s been some hubbub lately about Firesheep, a Firefox extension that adds a convenient, user-friendly session hijacker. It does highlight one thing: websites should start using SSL, because people tend to use a lot of public networks where everyone can listen in. Paranoid people are sort of right: once you have more than one user in the same network segment, you can’t really trust anyone if the websites you talk to insist you talk with them on the public. Stick SSL in, and people can’t listen to you any more.

It’s amazing that SSL is about as old protocol as SSH (Secure Shell), and sees much bigger use, yet it’s not as convenient from user perspective.

When I first ran into SSH, it was a real miracle. I had grown accustomed to the thought that cryptography needed to be hard; sending PGP mail was a real hassle. Yet, there I was: all I needed was a user name, host name, a password, and - boom! - there I was, logged in, with encryption all over.

Compare this to the way many sites implement SSL these days. Some get everything encrypted, as should be done; you can actually use GMail fully over SSL. Some implement SSL login, which isn’t enough as far as Firesheep is concerned. But many sites seem to regard SSL as an “alternative”. A neglected alternative that makes everything as annoying as possible in practice.

Wikipedia has a secure server. I might actually start using this thing now, because, since my last check, they have now apparently fixed the most annoying flaw in it: links that lead to non-secure pages. This is one of the huge flaws of some sites that absolutely ruins the SSL usability, and should be addressed.

…oh, look, damn, I made a big mistake earlier in this text. Here - go read about SSL and SSH. I spent a good 30 seconds searching for SSL links for those two articles, because finding them is not a simple matter of changing “http://” to “https://”. This is the sort of thing that gives SSH a bad name.

And a funny thought occurred to me. SSH is good because the security is invisible. SSL, as it currently is practised, is anything but invisible. This is because, by design, SSL is supposed to be highly visible. It was designed to appease bankers, who can tell the dumb everyday customers “look at the giant lock symbol! It tells you’re safe!”

What they should be telling the customers is this: “Look at the site owner verification. If it says our name, then you’re good. If it’s wrong or if you can’t find it, don’t fall for that.”

And Wikipedia seems to do its part. External links have futuristic ziggly symbol next to them. MediaWiki thinks SSL pages need a Giant F-off Lock next to them. I’m not sure how this particular part improves Wikipedia’s usability: It tells you those sites are somehow special.

And SSL isn’t special.

Now, I can understand it if MediaWiki adds an icon after PDF files. The users need to be aware that waiting behind the link isn’t any old normal web page: it’s either a doorway to yet another Adobe nightmare, or it launches an external PDF viewer. But SSL isn’t special. It’s yet another way to transfer web content.

When there’s no reason to draw attention to “oh, look how damn secure we are”, SSL should stay damn hidden. GMail does it right. I’m just visiting it over SSL link and I see nothing out of ordinary that would draw my attention.

Also, one of the problems with SSL is that it tries to establish identities as well as security. Establishing identity through certificate authorities is a good idea. It’s a bad idea if that is mandatory. People should be able to make SSL sites that are just as usable and verifiable as SSH sites: You just install sshd, people can log in, and if the key fingerprint changes, the client screams bloody murder.

But installing sshd is trivial… yet, in comparison, I need to regard re-creating my SSL certificate as That Time of the Year.

And the browsers scream bloody murder - scream, scream, SCREAM - until I specifically tell them “hush, little firefoxie, this credit is legit because I made it with my own crafty hands.”

Undeniability is a good property of cryptography, but sometimes, it’s a fairly useless one. Most of time, you just need to get the bits moving from place A to place B. That is the problem that most people face.

First and foremost, we need to start making the links trustworthy. The way we run CAs now, SSL wants us to make the links as well as the people running the sites trustworthy. The latter is a noble goal, but it adds bureaucracy. Costly bureaucracy. Sometimes a bit needless bureaucracy.

SSH’s security as far as trusting people amounts to “I know that guy because I talk to him every day, but why does his face look different today? Oh, he was in a motorcycle accident. Fair enough, that’s a plausible explanation. I guess it leaves a scar.” or “I know that guy because I talk to him every day, but why does his face look different today? Wait, his passport says he’s from Outer Bortzwania. And I know the real guy is a true patriotic Frenchman. I smell weirdness afoot.” It also amounts to “I know that guy because I talk to him every day, but why does his face look different today? Aha! But if he’s some weird bastard, I bet he doesn’t know my secret key! Well damn it, he does! I guess he’s trustworthy after all!”

In summary: SSL needs to be deployed wider, and it needs to be simple and invisible where such visibility is unwarranted. GMail is a good example of a site where this process has been done fairly successfully. Keep at it, and don’t make the SSL site a neglected “alternative” that doesn’t actually work.