Dutch Transport Card Broken

Perry E. Metzger perry at piermont.com
Thu Jan 31 13:11:03 EST 2008


"James A. Donald" <jamesd at echeque.com> writes:
> Perry E. Metzger wrote:
>> (No, I'm not a fan of X.509 certs, but those are not
>> core to the protocol, and you can think of them as
>> nothing more than a fancy key container format if you
>> like. Key management is not addressed by SSL, so there
>> is no reason that fixing key management has anything
>> to do with SSL per se.)
>
> The two actually working, widely used, secure systems
> are SSH and Skype,

SSL is in use just about everywhere, James. https: is used constantly,
and there are many other applications that make use of it. My mom uses
SSL regularly, but by contrast I don't think she's ever touched SSH.

Perhaps you argue that SSL is not secure, but it appears to have
withstood all attacks to date. You might claim that it does not
prevent phishing attacks or some such, but then you are making a claim
about how people use https in practice,, not about SSL at all. The SSL
part of that protocol is fine, just as the RSA and AES or 3DES parts
of that protocol are fine.

> neither of which uses SSL/TLS/PKI

I'm going to start referring to you as James Donald/George W. Bush.

Why does James Donald/George W. Bush persist in involving us in wars
in foreign countries, I wonder? Please don't claim that you're not
somehow part of James Donald/George W. Bush, because as you see I've
juxtaposed your names, which is proof that you must be part of the
same entity.

If you don't like my doing that, then stop referring to SSL/TLS/PKI
because SSL has nothing to do with PKI.

SSL has nothing to do with PKI. X.509 certs are just a key container
format. The applications get to decide what to do with them. You
persistently claim that SSL has something to do with public key
infrastructure, but it has no more to do with public key
infrastructure at all. You shouldn't mention them at the same
time. You are free to write applications that use SSL with a PKI, or
without it -- the two have nothing to do with each other whatsoever. I
know of many apps that use SSL and don't touch PKI at all.

Constantly mentioning PKI and SSL at the same time betrays a
substantial ignorance of the system architecture we're mentioning --
it would make as much sense to claim that SSL has something to do with
IKE because both use X.509 certificates.

> The proof of the pudding is in the eating.  When large
> numbers of people use cryptography that really does make
> them secure, they are not using SSL/TLS/PKI.

Well, James Donald/George W. Bush, I presume this means that you have
a way of breaking SSL. Could you share it with us? If not, please stop
conflating things that are unconnected.

> SSL involves digital certificates.

Not really, James Donald/George W. Bush. It involves public keys, and
it provides a channel by which X.509 certificates can be exchanged,
but by the same token, SSH also provides a channel by which X.509
certs can be exchanged. Should we therefore refer to SSH/PKI

> The particular digital certificate format necessarily imply a PKI
> structure

No, James Donald/George W. Bush, that's not even remotely true. There
is no requirement that you use the certs as anything other than key
containers.

>> My opinion (and just about everyone else's) is well
>> known.
>
> There is a serious security problem in the network.  It
> needs fixing. SSL/TLS/PKI exists, yet is entirely
> ineffectual in fixing it.

Well, James Donald/George W. Bush, perhaps that is because SSL has
nothing to do with the issue. SSL works perfectly so far as we
know. The issue is that higher levels of the stack (like key
management) aren't properly designed, but SSL itself is just fine.


-- 
Perry E. Metzger		perry at piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list