A mighty fortress is our PKI, Part II
Nicolas Williams
Nicolas.Williams at oracle.com
Wed Jul 28 10:30:22 EDT 2010
On Wed, Jul 28, 2010 at 10:05:22AM -0400, Perry E. Metzger wrote:
> PKI was invented by Loren Kohnfelder for his bachelor's degree thesis
> at MIT. It was certainly a fine undergraduate paper, but I think we
> should forget about it, the way we forget about most undergraduate
> papers.
PKI alone is certainly not the answer to all our problems.
Infrastructure (whether of a pk variety or otherwise) and transitive
trust probably have to be part of the answer for scalability reasons,
even if transitive trust is a distasteful concept. However, we need to
be able to build direct trust relationships, otherwise we'll just have a
house of transitive trust cards. Again, think of the the SSH leap-of-
faith and "SSL pinning" concepts, but don't constrain yourselves purely
to pk technology.
Nico
--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list