Five Theses on Security Protocols
Guus Sliepen
guus at sliepen.org
Sun Aug 1 09:07:46 EDT 2010
On Sun, Aug 01, 2010 at 11:20:51PM +1200, Peter Gutmann wrote:
> >But, if you query an online database, how do you authenticate its answer? If
> >you use a key for that or SSL certificate, I see a chicken-and-egg problem.
>
> What's your threat model?
My threat model is practice.
I assume Perry assumed that you have some pre-established trust relationship
with the online database. However, I do not see myself having much of those.
Yes, my browser comes preloaded with a set of root certificates, but Verisign
is as much a third party to me as any SSL protected website I want to visit.
Anyway, suppose we do all trust Verisign. Then everybody needs its public key
on their computers to safely communicate with it. How is this public key
distributed? Just like those preloaded root certs in the browser? What if their
key gets compromised? How do we revoke that key and get a new one? We still
have all the same problems with the public key of our root of trust as we have
with long-lived certificates. Perry says we should do online checks in such a
case. So which online database can tell us if Verisign's public key is still
good? Do we need multiple trusted online databases who can vouch for each
other, and hope not all of them fail simultaneously?
Another issue with online verification is the increase in traffic. Would
Verisign like it if they get queried for a significant fraction of all the SSL
connections that are made by all users in the world?
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20100801/339599b3/attachment.pgp>
More information about the cryptography
mailing list