Failure of PKI in messaging
Ian G
iang at systemics.com
Tue Feb 13 06:37:54 EST 2007
Steven M. Bellovin wrote:
> On Mon, 12 Feb 2007 17:03:32 -0500
> Matt Blaze <mab at crypto.com> wrote:
>
>> I'm all for email encryption and signatures, but I don't see
>> how this would help against today's phishing attacks very much,
>> at least not without a much better trust management interface on
>> email clients (of a kind much better than currently exists
>> in web browsers).
>>
>> Otherwise the phishers could just sign their email messages with
>> valid, certified email keys (that don't belong to the bank)
>> the same way their decoy web traffic is sometimes signed with
>> valid, certified SSL keys (that don't belong to the bank).
>>
>> And even if this problem were solved, most customers still
>> wouldn't know not to trust unsigned messages purporting
>> to be from their bank.
>>
>
> Precisely. The real problem is the human interface, where we're asking
> people to suddenly notice the absence of something they're not used to
> seeing in the first place.
Actually, there are many problems. If you ask the low-level
crypto guys, they say that the HI is the problem. If you
ask the HI guys, they say that the PKI concept is the
problem. If you ask the PKI people, they say the users are
not playing the game, and if you ask the users they say the
deployment is broken ... Everyone has got someone else to
blame.
They are all right, in some sense. The PKI concepts need
loosening up, emails should be digsig'd for authentication
(**), and the HI should start to look at what those digsigs
could be used for.
But, until someone breaks the deadly embrace, nothing is
going to happen. That's what James is alluding to: what
part can we fix, and will it help the others to move?
iang
** I didn't say digital signing ... that's another problem
that needs fixing before it is safe to use, from the "ask
the lawyers" basket.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list