TLS & Certificate Challenges
As a response to this post about ditching certificates in TLS, I thought of some other approaches that may improve the situation for the user when dealing with phishing on the "modern" web. I also posted a comment there, but will expand a bit on that here.
A possible alternative, without getting rid of certificates right away, could be to reduce the possibility of users being phished using current deployed technology with some (minor) changes. Although, getting rid of X.509, and ASN.1, would be a way to greatly reduce the attack surface by and of itself. Also the number of (semi) trusted CAs part of browsers is staggering.
Reduce number of CAs
A possibly way towards getting more control over trust in the CA system, may be to greatly reduce the number of CA certificates in the browsers. Ideally it'd be restricted to a handful of CAs.
Restrict the CAs
Furthermore, a CA could be tied to a (subset) of possible
(cc)TLDs to sign
using some kind of X.509 extension. For example only European CAs can sign
EV certificates for
.de domains, but they would be unable to do so
Browser Trust Levels
This way, different browser capabilities depending on the level of trust. For
<form> submits. A DV certificate would allow "normal" operation, but
block things like submitting credit card numbers or SSNs. Having an EV
certificate would remove those restrictions.
Of course these suggestions could be implemented and rolled out in addition to each other, TOFU and for example DANE with DNSSEC and we'd eventually settle on a mix of solutions where ideally the user is more safe from phishing and the attack surface of the technology will be substantially reduced.