Failure of PKI in messaging

Ivan Krstić krstic at
Tue Feb 13 17:00:35 EST 2007

Ian G wrote:
> Actually, there are many problems.  If you ask the low-level crypto
> guys, they say that the HI is the problem.  If you ask the HI guys, they
> say that the PKI concept is the problem.  If you ask the PKI people,
> they say the users are not playing the game, and if you ask the users
> they say the deployment is broken ...  Everyone has got someone else to
> blame.

This is, in my experience, exactly right. I'm trying to take some steps
for the better on the OLPC: all e-mails and IMs will be signed
transparently and by default, with the possibility of being encrypted by
default in countries where it's not a problem. This'll help with privacy
and message integrity, but it's not designed to stop phishing or

Phishing is less of an immediate problem for us, as there's little
incentive to phish 6-year olds in developing countries. But it will be a
problem eventually, and by then, it might be extremely difficult to
introduce sweeping changes in the security and HCI model to remedy the

One tremendous advantage we have now with OLPC is the ability to ignore
backwards compatibility for a number of things, so if we had a really
good model for dealing with phishing and the like -- even if it required
new assumptions or approaches -- we could probably do it. So maybe it's
time (for us, perhaps) to organize a workshop on this? Is there a better
way to do it?

Ivan Krstić <krstic at> | GPG: 0x147C722D

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list