Last release |
0.09 (client) / 2012-03-07
|
---|---|
Development status | Abandoned |
Written in | Python, JavaScript |
Operating system | Windows, OS X, GNU/Linux |
Available in | English |
Type | Web browsing |
License | GPLv3 |
Website | See Archived 3 August 2016 at the Wayback Machine. |
Convergence was a proposed strategy for replacing SSL certificate authorities, first put forth by Moxie Marlinspike in August 2011 while giving a talk titled "SSL and the Future of Authenticity" at the Black Hat security conference. It was demonstrated with a Firefox addon and a server-side notary daemon.
In the talk, Marlinspike proposed that all of the current problems with the certificate authority (CA) system could be reduced to a single missing property, which he called "trust agility" and which Convergence aimed to provide. The strategy claimed to be agile, secure, and distributed.
As of 2013, Marlinspike is focused on an IETF proposal called TACK, which is designed to be an uncontroversial first step that advocates for dynamic certificate pinning instead of full CA replacement and reduces the number of times a third party needs to be trusted.
Development of Convergence was continued in a "Convergence Extra" fork until about 2014.
Convergence was based on previous work from the Perspectives Project at Carnegie Mellon University. Like Perspectives, Convergence authenticated connections by contacting external notaries, but unlike Perspectives, Convergence notaries could use a number of different strategies beyond network perspective in order to reach a verdict.
The purpose of a certificate authority in the conventional SSL system is to vouch for the identity of a site, by checking its SSL certificate. Without some vouchsafing, one is open to a man-in-the-middle attack. A single site is vouched for by only a single certificate authority (CA), and this CA has to be trusted by the user. Web browsers typically include a list of default trusted certificate authorities, and display a warning about an "untrusted connection" when a site cannot be vouchsafed by a trusted CA. A problem with this system is that if a user (or browser vendor) loses trust in a CA, removing the CA from the browser's list of trusted authorities means losing trust in all the sites that used that CA. This happened when major browsers lost trust in the DigiNotar CA and sites registered with this CA had to get new certificate authorities (see Certificate authority#CA compromise for more examples of trust breaches).