walkthrough datingsite

This blog gives a simple walkthrough of “The world’s most secure dating site”.

It’s full of technobabble about how the security system
operates. Feel free to ignore that at first reading.

We assume that you’ve installed the ecca-proxy as described.
If not, you’ll see some “Don’t panic” messages. We describe those later.

Home page

This is the URL for the dating site.

http://dating.wtmnd.nl/

If you enter this into your browser you’ll see this page.

It’s a bit boring, just some plain text, no images. However, the proxy
has done a lot of work already.

It uses DNSSEC to resolve the hostname (dating.wtmnd.nl) into the
IP-address 94.142.241.226.

It also uses DANE, an extension protocol, to look up the
TLS certificate of the server. Every connection from the ecca-proxy to
the site uses https under the hood. We have to earn the claim
‘most secure’ somehow.

Now click on the button ‘The aliens’.

The aliens

Here is the list of aliens. This page is visible without logging
in. Click one of the aliens and you see the detail page. It doesn’t
have many details, as we want to showcase the technology behind
eccentric authentication. The most important thing is the “Compose a
Poem” button.

If you have an account you can send encrypted messages to other
participants. And you can receive messages too. To create an account,
press the ‘Your profile’ button at the top.

signing up

Here it turns ugly, although only in the page layout. What we get is a
page generated by the Ecca-proxy user agent. It is your computer that
asks you what to do. The dating site just waits until we return with a
valid account. With the message “401 - Eccentric Authentication
required” it tells us that it wants an anonymous client certificate,
signed by its own CA. See Anonymous Logins.

There are three options on the page.

With the first option, the proxy offers me (the user) to log in with my
existing account (guidow). Pressing that button tells the proxy that
we want all subsequent connections to the dating site made with that
account. Behind that account, the proxy logs in with the client
certificate.

The second option allows me to sign up for a new account. I come up
with a nickname and press the ‘Register’ button. The proxy (running on
my own computer) creates a new private key and registers the
public key at the site’s own Certificate Authority. The CA checks that the
nickname is unique and signs it. Our proxy receives the certificate
and uses that to log in at the site.

Notice there are two components: The site itself and the Local Certificate Authority.

Finally, there is a third option to register anonymously. My proxy
comes up with a unique name ‘anon-’ and registers an
account with that name at the Local CA.

We take that third - anonymous - option.

signed up - manage profile

Within a second or two, we are back at the dating site. And the proxy has logged me in.

The top part of the browser window belongs to the Ecca proxy. It shows that I’m logged in at the dating site, with the account it has created for me. There is also a log out button and a link to the proxy’s management page, where we can see all the accounts we have at all sites.

The blue part of the page is the dating site. It shows the typical questions to create a profile. Select some at will and press Engage. That sets the profile at the dating site. Now we are ready to communicate.

sending messages

Click on the ‘Aliens’ button and select the one to whom you want to
write a Vogon Poem. Click on the name to get to the details
page. There, click ‘Compose a Poem’.

Here we are at another simple-looking but interesting screen. It’s just a textbox and a Deliver button. All the interesting things happen, invisibly, inside the ecca-proxy.

It’s the ecca-proxy that receives the message and two hidden parameters that the dating site put there. (The site and the proxy work together on this.)

<form method="POST">
  <input type="hidden" name="encrypt" value="required">
  <input type="hidden" name="certificate_url" 
     value="https://register-dating.wtmnd.nl:10444/get-certificate? ...
       ...  nickname=guidow%40%40dating.wtmnd.nl">
  <br>
  <textarea name="cleartext" rows="8" cols="80">
     I love the size of your ... ehm ... spaceship. Wanna dance?
  </textarea><br>
  <input type="submit" name="submit" value="Deliver">
</form>

This tells the proxy to encrypt the data in the form with the public
key it can find in the certificate at the given URL. The proxy
fetches the certificate, encrypts the data with it and submits it to
the dating site.

The dating site receives the encrypted text! It cannot read the
contents of the message. Only the recipient can. Now we wait for the
recipient to read our message and reply….

… and wait …

Oh, wait, as I control both accounts, the anonymous one and the guidow account,
I’ve effectively sent a message to myself. We have to switch
accounts.

manage accounts

First press the logout-button in the top part. You get to the Eccentric Authentication Handler.

As you can see, I have seven accounts at three sites.

receiving encrypted message

Click on the dating.wtmnd.nl link. You get back to the home page. Now
press the ‘Read messages’ button.

The site will want to know as whom we want to log in. The proxy offers
our two accounts for this site, not the accounts we have at the
other two sites.

Now we click ‘guidow’, to log in with that identity. The site receives
our certificate with the name, looks up the messages and presents what
it has for us. It looks like this:

That gibberish is what the dating site received from the ecca-proxy of
the sender. It looks like a Vogon Poem indeed.

Below it is the link to decode. Press it and it will tell the
ecca-proxy to decode the message with the private key it has for my
guidow-account. Then the proxy shows me what it has decoded.

Just what we expected.
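
The two proxy steps described above, encrypting the form’s cleartext under the recipient’s certificate and decoding it with the recipient’s private key, as an added Go example (not code from the ecca-proxy or from this site). Assumptions: the certificate is an RSA certificate already fetched from certificate_url and passed in as DER bytes, direct RSA-OAEP (short messages only) stands in for whatever scheme the proxy really uses, and the names NewRecipient, EncryptForm, Decrypt and the ciphertext field are hypothetical.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// NewRecipient builds constructed sample data: an RSA key and a self-signed DER certificate.
func NewRecipient(nick string) (key *rsa.PrivateKey, der []byte, err error) {
	if key, err = rsa.GenerateKey(rand.Reader, 2048); err == nil {
		t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: nick},
			NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
		der, err = x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key)
	}
	return key, der, err
}

// EncryptForm is the sending proxy's step: the returned fields never contain the cleartext.
func EncryptForm(form map[string]string, certDER []byte) (map[string]string, error) {
	if form["encrypt"] != "required" {
		return form, nil // the site did not ask for encryption
	}
	cert, err := x509.ParseCertificate(certDER) // assumed already fetched from certificate_url
	if err != nil {
		return nil, err
	}
	if pub, ok := cert.PublicKey.(*rsa.PublicKey); ok {
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(form["cleartext"]), nil)
		return map[string]string{"ciphertext": string(ct)}, err // raw bytes; hypothetical field name
	}
	return nil, x509.ErrUnsupportedAlgorithm // this sketch handles RSA certificates only
}

// Decrypt is the receiving proxy's step, using the private key it holds for the account.
func Decrypt(key *rsa.PrivateKey, ciphertext string) (string, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, key, []byte(ciphertext), nil)
	return string(pt), err
}

func main() {
	key, der, _ := NewRecipient("guidow")
	out, _ := EncryptForm(map[string]string{"encrypt": "required", "cleartext": "Wanna dance?"}, der)
	msg, err := Decrypt(key, out["ciphertext"])
	println(msg, err == nil)
}
```

What the site stores is only the ciphertext field; a key belonging to any other account fails to decrypt it.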

conclusion

At no point has the dating site asked for an email address, real names
or identities. If it were a paid service, it could charge for listing
the account name in the list of aliens. Or it could require payment
for the alien-to-alien communication.

The user stays completely anonymous.

Here we’ve shown a way to create client certificates to log in to a
web site. All the hard work is done by the Ecca-proxy. The user specifies the actions and the accounts to use.

How could it be more user friendly?