<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Wed, Jun 13, 2018 at 2:00 AM, Dave Howe <span dir="ltr"><<a href="mailto:davehowe.pentesting@gmail.com" target="_blank">davehowe.pentesting@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"><span class="">
On 12/06/2018 16:12, Aram Perez wrote:<br>
<span style="white-space:pre-wrap;display:block;width:98vw">> Anybody look at this project:
> <a class="m_3217327319267105543moz-txt-link-freetext" href="https://gctc.opencommons.org/Project_GRACE" target="_blank">https://gctc.opencommons.org/<wbr>Project_GRACE</a>?
</span><br></span>
My understanding was that it is yet another IBE based "alternative"
to the current CA solution, .... a tie to a patented IBE implementation
</div></blockquote><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div text="#000000" bgcolor="#FFFFFF">....but I could have
missed something?</div></blockquote><div> </div><div>For Grace, The hook seems to be a node only oriented project. They say.<br><span style="font-family:sans-serif;font-size:14px;text-align:left;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">"Each node in the network (IoT, VM, etc) is assigned an immutable digital identity in the private key stored in the secure hardware.<span> "</span></span> <br><br>This seems to exclude many cloud and "mobile" VM dependant solutions so necessary in the cloud.<br>Secure hardware in the IoT world is unknown outside of the hooks in iPhone class processors ($$).<br>Given that secure hardware is secure and exists one can continue... Assigned by who and how is the<br>identity hook managed... it appears to be a type of generated password. <br><br>In the patent I am confused by: "<span style="color:rgb(51,51,51);font-family:Roboto,sans-serif;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">The second mechanism is for a sender to generate the public key locally for every recipient."<br>I do not understand how a public key be generated for me if I do not already know the private key will work. Is this where the world </span></div><div><span style="color:rgb(51,51,51);font-family:Roboto,sans-serif;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">has to trust a third party?<br><br>So some node to node communication security but not unique for all of some 10,000+ individuals or applications per node.<br>They mention virtual machines in the project GRACE so I am not sure how a migrated VM on new hardware can play. </span></div><div><span style="color:rgb(51,51,51);font-family:Roboto,sans-serif;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"> A captive VM or container might be useful. <br><br>Inside a walled garden?? </span></div></div><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div></div>
</div></div>