On SSL, SET, `real PKI` and real code against Phishing/Spoofing

Amir Herzberg herzbea at macs.biu.ac.il
Thu Jul 22 05:08:08 EDT 2004


  brief comments/suggestions:

1. The whole discussion on how much eavesdropping is a threat is 
irrelevant. We all know it is a threat and the level is not important, 
as SSL/TLS provide a good, inexpensive solution. Drop this topic.

2. Stop beating the dead horse (SET). But yes, we should learn from 
mistakes... and Steve is right: SET main failure was lack of incentive 
to buyers and sellers. Such an incentive was our design assumption and I 
was assured by the CC `suits` they'll do it, but when they did, it was 
too little and much too late. And also they added so much baggage on 
this poor protocol that it became really so complex. But I am proud of 
few things in SET, especially...
 > It wasn't even a real PKI ...
No, exactly, it wasn't. Because what you refer to as `real PKI` (see 
original note...) - identities, revocation etc. - are not needed for 
this application (and many others). We need to use the tool that fits 
the job.

3. Which brings us back to SSL and Ian's objection... I think Ian 
_really_ objects to the fact that the major SSL/TLS deployments 
(browsers, servers) depend on `browser PKI`. And I agree: I think the 
`browser PKI` is a sad joke (on us), with the weakly-secure, 
not-really-trusted list of over-100 CAs. We can do much better - use 
SSL, but checking certificates better; display the logo of the site 
and/or of the CA, and allow users to decide on sites they trust (and 
their logos) manually...

We have been discussing these things on this list for ages, and some 
even asked `is there a real use for crypto`. Then, with Ahmad, we 
implement and document a cute little extension to Mozilla that uses SSL 
and certificates, but probably not what some may call `real PKI`. And 
guess what? You go back to argue on SSL vs. SET and such.

Guys: give us some feedback! Ok, it's a paper, not a note, but it is 
really pretty easy reading. And if this is too much, at least look at 
the screen shot:
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing_files/image006.gif 


And then speak up - is it the right approach? Should we change something 
before releasing (hoping in a week or two) or longer term? Can you do it 
for IE or other browser?

(for the paper, see my homepage as below...)
-- 
Best regards,

Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography & 
security)
Mirror site: http://www.mfn.org/~herzbea/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: herzbea.vcf
Type: text/x-vcard
Size: 343 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20040722/82d19292/attachment.vcf>


More information about the cryptography mailing list