[tahoe-dev] Bringing Tahoe ideas to HTTP

[Peter Gutmann]

Brian Warner <warner at lothar.com> writes:

>From what I can tell, the Sparkle update framework (for OS-X)[1] is doing
>something like what I want for firefox: the Sparkle-enabled application will
>only accept update bundles which are signed by a DSA privkey that matches a
>pubkey embedded in the app.

You can extend this further to make it tolerant of key loss by embedding
multiple public keys and allowing a quorum of them to replace an existing key.
So say you have five keys, you can decide that any three of them can vote out
an existing key, allowing compromised keys to be replaced and existing keys to
be rolled over.  This creates a kind of fault-tolerant PKI which does away
with the need to have a CA vouch for key replacements, once you've got the
initial keys established (for example on first install) you can recover from
anything short of a total compromise, upgrade to larger keys sizes and hashes,
and so on.

>It'd be nice if Firefox could do the same. And if Firefox were to establish a
>quietly-backwards-compatible convention (i.e. the hash-mark trick) for strong
>URL-based authentication of HTTP resources, then other applications could
>start using it too, and a significant class of current web security problems
>(like the mixed-content one where an HTTPS page loads a javascript library via
>HTTP) could be fixed.

See my previous post, there was an attempt made to do this in the past but it
never got anywhere.  It'd be interesting to hear the reasons why.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com