On SSL, SET, `real PKI` and real code against Phishing/Spoofing
Amir Herzberg
herzbea at macs.biu.ac.il
Thu Jul 22 05:08:08 EDT 2004
brief comments/suggestions:
1. The whole discussion on how much eavesdropping is a threat is
irrelevant. We all know it is a threat and the level is not important,
as SSL/TLS provide a good, inexpensive solution. Drop this topic.
2. Stop beating the dead horse (SET). But yes, we should learn from
mistakes... and Steve is right: SET main failure was lack of incentive
to buyers and sellers. Such an incentive was our design assumption and I
was assured by the CC `suits` they'll do it, but when they did, it was
too little and much too late. And also they added so much baggage on
this poor protocol that it became really so complex. But I am proud of
few things in SET, especially...
> It wasn't even a real PKI ...
No, exactly, it wasn't. Because what you refer to as `real PKI` (see
original note...) - identities, revocation etc. - are not needed for
this application (and many others). We need to use the tool that fits
the job.
3. Which brings us back to SSL and Ian's objection... I think Ian
_really_ objects to the fact that the major SSL/TLS deployments
(browsers, servers) depend on `browser PKI`. And I agree: I think the
`browser PKI` is a sad joke (on us), with the weakly-secure,
not-really-trusted list of over-100 CAs. We can do much better - use
SSL, but checking certificates better; display the logo of the site
and/or of the CA, and allow users to decide on sites they trust (and
their logos) manually...
We have been discussing these things on this list for ages, and some
even asked `is there a real use for crypto`. Then, with Ahmad, we
implement and document a cute little extension to Mozilla that uses SSL
and certificates, but probably not what some may call `real PKI`. And
guess what? You go back to argue on SSL vs. SET and such.
Guys: give us some feedback! Ok, it's a paper, not a note, but it is
really pretty easy reading. And if this is too much, at least look at
the screen shot:
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing_files/image006.gif
And then speak up - is it the right approach? Should we change something
before releasing (hoping in a week or two) or longer term? Can you do it
for IE or other browser?
(for the paper, see my homepage as below...)
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography &
security)
Mirror site: http://www.mfn.org/~herzbea/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: herzbea.vcf
Type: text/x-vcard
Size: 343 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20040722/82d19292/attachment.vcf>
More information about the cryptography
mailing list