!!! Overview
[{$pagename}] is a new approach to helping computers communicate securely on the Internet. With [{$pagename}], public “network notary” servers regularly monitor the [SSL] [certificates] used by 100,000s+ websites to help your browser detect [Man-In-The-Middle] attacks without relying on [certificate authorities|Certificate Authority].

!! The Problem
For years, the Internet has relied on anointed [Certificate Authorities|Certificate Authority] (CAs) and [Registration Authorities|Registration Authority] like VeriSign to issue SSL certificates that browsers trust to verify the identity of a remote web server when using the [HTTPS] protocol. Verifying the remote server’s SSL certificate is necessary to avoid [Man-In-The-Middle] (MitM) attacks in which an [attacker] eavesdrops on communication or impersonates a remote website.

The [Certificate Authority] model has long been criticized as a potential security risk, and recent incidents demonstrate that the security concerns are not just theoretical:
* May 2011: Indications point to the Syrian government actively performing [Man-In-The-Middle] [attacks]
* March 2011: Certificate Authority is hacked, leading to the issuing of fraudulent certificates for sites including google.com, yahoo.com and msn.com

The root of the problem is that with the [CA] model, browsers blindly [trust] a group of 600+ corporate and government parties to perform [Certificate Validation]. You as a web [browser] user have little or no choice about who to trust and essentially no visibility into whether these organizations deserve your trust.

!! How Perspectives Helps
Perspectives takes a different approach to how the web [browser] determines if an [SSL] [certificate] is valid. Instead of requiring [browser] users to [trust] an anointed group of [Certificate Authorities|Certificate Authority], Perspectives gives users the ability to pick a group they trust (e.g., the [EFF], [Google], their company, their university, their group of friends, etc.) and trust no one else.
!! How is this possible?
Perspectives has a decentralized model that lets anyone run one or more “network notary servers”. A network notary server is connected to the Internet and regularly monitors websites to build a history of the SSL certificate used by each site. Notary servers or groups of notary servers may be operated by public organizations, private companies, or even individuals.

Rather than validating an SSL certificate by checking for certificate authority approval, with Perspectives the browser validates a certificate by checking for consistency with the certificates observed by the network notaries over time. With network notary servers spread around the world and keeping a history of data, it is VERY hard for an attacker to launch a [Man-In-The-Middle] attack (see our academic paper for a full security analysis).

Just like a user picks which search engine their browser will use, the user can also choose what group(s) of network notaries they will [trust]. The user can choose for themselves whether or not they trust Comodo, the U.S. government, or the Chinese government. And because all notary data is public, the quality of different network notaries can be measured and evaluated by anyone, creating a market for better security.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
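
The consistency check described under "How is this possible?", as an added example that is not part of the original page or the Perspectives code: a client compares the certificate a site presents with the histories reported by the notaries the user chose. The quorum size, minimum duration, 2-day staleness gap, notary names and fingerprints are assumptions constructed for illustration.

```python
from dataclasses import dataclass

DAY = 86400

@dataclass(frozen=True)
class Observation:
    """A notary saw `fingerprint` at the site from `start` to `end` (Unix seconds)."""
    fingerprint: str
    start: int
    end: int

def days_seen(history, fingerprint, now, max_gap=2 * DAY):
    """Days one notary has continuously seen `fingerprint`, counting back from `now`.
    Returns 0.0 if its newest observation is stale or shows a different key."""
    cursor = now  # earliest instant known to be covered by this fingerprint
    for obs in sorted(history, key=lambda o: o.end, reverse=True):
        if obs.fingerprint != fingerprint or cursor - obs.end > max_gap:
            break
        cursor = min(cursor, obs.start)
    return (now - cursor) / DAY

def quorum_duration(histories, fingerprint, now, quorum):
    """Days for which at least `quorum` notaries have all seen `fingerprint`."""
    spans = sorted((days_seen(h, fingerprint, now) for h in histories.values()),
                   reverse=True)
    # The quorum-th longest span is the period on which `quorum` notaries agree.
    return spans[quorum - 1] if 0 < quorum <= len(spans) else 0.0

def check_certificate(histories, fingerprint, now, quorum, min_days):
    """Accept only if enough chosen notaries have seen this key for long enough."""
    duration = quorum_duration(histories, fingerprint, now, quorum)
    verdict = "accept" if duration > 0 and duration >= min_days else "warn"
    return verdict, duration

NOW = 1_700_000_000  # constructed timestamp
GOOD, ROGUE = "fp-good-constructed", "fp-rogue-constructed"
HISTORIES = {  # constructed data; notary names are hypothetical
    "notary-a": [Observation(GOOD, NOW - 30 * DAY, NOW - DAY // 2)],
    "notary-b": [Observation(GOOD, NOW - 28 * DAY, NOW - DAY)],
    # notary-c shares a network path on which the key changed half a day ago
    "notary-c": [Observation(GOOD, NOW - 30 * DAY, NOW - DAY),
                 Observation(ROGUE, NOW - DAY // 2, NOW)],
}

if __name__ == "__main__":
    for fp in (GOOD, ROGUE):
        print(fp, check_certificate(HISTORIES, fp, NOW, quorum=2, min_days=3))
```

A legitimately rotated certificate also starts with a short history, so a client using a check like this warns on it until the notaries have observed the new key for `min_days`.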