Dutch Transport Card Broken

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Jan 31 19:29:52 EST 2008


"Perry E. Metzger" <perry at piermont.com> writes:

>> SSL involves digital certificates.
>
>Not really, James Donald/George W. Bush. It involves public keys, and it
>provides a channel by which X.509 certificates can be exchanged,

Actually it doesn't even require X.509 certs.  TLS-SRP and TLS-PSK provide
mutual authentication of client and server without any use of X.509.  The only
problem has been getting vendors to support it, several smaller
implementations support it, it's in the (still unreleased) OpenSSL 0.99, and
the browser vendors don't seem to be interested at all, which is a pity
because the mutual auth (the server has to prove possession of the shared
secret before the client can connect) would significantly raise the bar for
phishing attacks.

(Anyone have any clout with Firefox or MS?  Without significant browser
support it's hard to get any traction, but the browser vendors are too busy
chasing phantoms like EV certs).

>> The particular digital certificate format necessarily imply a PKI
>> structure
>
>No, James Donald/George W. Bush, that's not even remotely true. There is no
>requirement that you use the certs as anything other than key containers.

There's actually no requirement that you use certs at all.  In fact if
everyone dropped them (i.e. stopped pretending that they work and moved
towards something that does) we might all be a whole lot better off.

Peter.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list