Failure of PKI in messaging
James A. Donald
jamesd at echeque.com
Thu Feb 15 17:28:01 EST 2007
--
John Levine wrote:
> What's missing is, if you'll pardon the phrase, a
> central point of failure.
>
> If you can persuade everyone to use a single system,
> it's not hard to make communication adequately secure.
But there is a central point. ICANN is responsible for
internet names and numbers, and for keys to certify
those names and numbers, and it is pretty much
irrelevant.
Similarly, if everyone in the world used hushmail, would
not do any more good against phishing than if everyone
in the world used PKI signed mail - which is precisely
why people do not use PKI signed email.
You are making the Katrina reaction "we need someone in
charge". No, we do not need someone in charge. Someone
in charge does not make everything right, more commonly
it makes everything wrong, disrupting, rather than
facilitating, communication and cooperation, just as
with the Katrina disaster.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
hHUR4oItlqyjOJrgB5g69WubFGEXSD2fFY+PslCK
4pIw1gBia7di4K0uJB1p+FcZC9yxi1vCIFI3tot1u
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list